en-US/about_AdcsAuthorityInformationAccess.help.txt
|
.NAME
AdcsAuthorityInformationAccess .SYNOPSIS The AdcsAuthorityInformationAccess DSC resource is used to configure the URIs in the Authority Information Access and Online Responder OCSP extensions. .DESCRIPTION This resource can be used to configure the URIs in the Authority Information Access and Online Responder OCSP extensions of certificates issued by an Active Directory Certificate Authority. .PARAMETER IsSingleInstance Key - System.String Specifies the resource is a single instance, the value must be 'Yes'. .PARAMETER AiaUri Write - System.String[] Specifies the list of URIs that should be included in the AIA extension of the issued certificate. .PARAMETER OcspUri Write - System.String[] Specifies the list of URIs that should be included in the Online Responder OCSP extension of the issued certificate. .PARAMETER AllowRestartService Write - Nullable[System.Boolean] Allows the Certificate Authority service to be restarted if changes are made. .PARAMETER Reasons Read - AdcsReason[] Returns the reason a property is not in desired state. .EXAMPLE 1 This example will set the Authority Information Access URIs to be included in the AIA extension. configuration AdcsAuthorityInformationAccess_SetAia_Config { Import-DscResource -ModuleName ActiveDirectoryCSDsc node localhost { AdcsAuthorityInformationAccess SetAia { IsSingleInstance = 'Yes' AiaUri = @( 'http://setAIATest1/Certs/<CATruncatedName>.cer' 'http://setAIATest2/Certs/<CATruncatedName>.cer' 'http://setAIATest3/Certs/<CATruncatedName>.cer' 'file://<ServerDNSName>/CertEnroll/<ServerDNSName>_<CAName><CertificateName>.crt' ) AllowRestartService = $true } } } .EXAMPLE 2 This example will set the Online Responder OCSP URIs to be included in the OCSP extension. configuration AdcsAuthorityInformationAccess_SetOcsp_Config { Import-DscResource -ModuleName ActiveDirectoryCSDsc node localhost { AdcsAuthorityInformationAccess SetOcsp { IsSingleInstance = 'Yes' OcspUri = @( 'http://primary-ocsp-responder/ocsp' 'http://secondary-ocsp-responder/ocsp' 'http://tertiary-ocsp-responder/ocsp' ) AllowRestartService = $true } } } .EXAMPLE 3 This example will set the Authority Information Access and Online Responder OCSP URIs to be included in the AIA and OCSP extensions respectively. configuration AdcsAuthorityInformationAccess_SetAiaAndOcsp_Config { Import-DscResource -ModuleName ActiveDirectoryCSDsc node localhost { AdcsAuthorityInformationAccess SetAiaAndOcsp { IsSingleInstance = 'Yes' AiaUri = @( 'http://setAIATest1/Certs/<CATruncatedName>.cer' 'http://setAIATest2/Certs/<CATruncatedName>.cer' 'http://setAIATest3/Certs/<CATruncatedName>.cer' 'file://<ServerDNSName>/CertEnroll/<ServerDNSName>_<CAName><CertificateName>.crt' ) OcspUri = @( 'http://primary-ocsp-responder/ocsp' 'http://secondary-ocsp-responder/ocsp' 'http://tertiary-ocsp-responder/ocsp' ) AllowRestartService = $true } } } .EXAMPLE 4 This example will clear the Authority Information Access and Online Responder OCSP URIs from the AIA and OCSP extensions respectively. configuration AdcsAuthorityInformationAccess_ClearAiaAndOcsp_Config { Import-DscResource -ModuleName ActiveDirectoryCSDsc node localhost { AdcsAuthorityInformationAccess ClearAiaAndOcsp { IsSingleInstance = 'Yes' AiaUri = @() OcspUri = @() AllowRestartService = $true } } } |