Resource Type: dsc_xadcscertificationauthority

Defined in:
lib/puppet/type/dsc_xadcscertificationauthority.rb
Providers:
powershell

Overview

The DSC xAdcsCertificationAuthority resource type. Automatically generated from ‘xAdcsDeployment/DSCResources/MSFT_xAdcsCertificationAuthority/MSFT_xAdcsCertificationAuthority.schema.mof’

To learn more about PowerShell Desired State Configuration, please visit technet.microsoft.com/en-us/library/dn249912.aspx.

For more information about built-in DSC Resources, please visit technet.microsoft.com/en-us/library/dn249921.aspx.

For more information about xDsc Resources, please visit github.com/PowerShell/DscResources.

Properties

  • ensure

    The basic property that the resource should be in.

    Supported values:
    • exists?
    • present
    • absent

Parameters

  • dsc_cacommonname

    CACommonName - Specifies the certification authority common name.

  • dsc_cadistinguishednamesuffix

    CADistinguishedNameSuffix - Specifies the certification authority distinguished name suffix.

  • dsc_catype

    CAType - Specifies the type of certification authority to install. The possible values are EnterpriseRootCA, EnterpriseSubordinateCA, StandaloneRootCA, or StandaloneSubordinateCA. Valid values are EnterpriseRootCA, EnterpriseSubordinateCA, StandaloneRootCA, StandaloneSubordinateCA.

  • dsc_certfile

    CertFile - Specifies the file name of certification authority PKCS 12 formatted certificate file.

  • dsc_certfilepassword

    CertFilePassword - Specifies the password for certification authority certificate file.

  • dsc_certificateid

    CertificateID - Specifies the thumbprint or serial number of certification authority certificate.

  • dsc_credential

    Credential - To install an enterprise certification authority, the computer must be joined to an Active Directory Domain Services domain and a user account that is a member of the Enterprise Admin group is required. To install a standalone certification authority, the computer can be in a workgroup or AD DS domain. If the computer is in a workgroup, a user account that is a member of Administrators is required. If the computer is in an AD DS domain, a user account that is a member of Domain Admins is required.

  • dsc_cryptoprovidername

    CryptoProviderName - The name of the cryptographic service provider or key storage provider that is used to generate or store the private key for the CA.

  • dsc_databasedirectory

    DatabaseDirectory - Specifies the folder location of the certification authority database.

  • dsc_ensure

    Ensure - Specifies whether the Certificate Authority should be installed or uninstalled. Valid values are Present, Absent.

  • dsc_hashalgorithmname

    HashAlgorithmName - Specifies the signature hash algorithm used by the certification authority.

  • dsc_ignoreunicode

    IgnoreUnicode - Specifies that Unicode characters are allowed in certification authority name string.

    Supported values:
    • true
    • false
  • dsc_keycontainername

    KeyContainerName - Specifies the name of an existing private key container.

  • dsc_keylength

    KeyLength - Specifies the bit length for new certification authority key.

  • dsc_logdirectory

    LogDirectory - Specifies the folder location of the certification authority database log.

  • dsc_outputcertrequestfile

    OutputCertRequestFile - Specifies the folder location for certificate request file.

  • dsc_overwriteexistingcainds

    OverwriteExistingCAinDS - Specifies that the computer object in the Active Directory Domain Service domain should be overwritten with the same computer name.

    Supported values:
    • true
    • false
  • dsc_overwriteexistingdatabase

    OverwriteExistingDatabase - Specifies that the existing certification authority database should be overwritten.

    Supported values:
    • true
    • false
  • dsc_overwriteexistingkey

    OverwriteExistingKey - Overwrite existing key container with the same name

    Supported values:
    • true
    • false
  • dsc_parentca

    ParentCA - Specifies the configuration string of the parent certification authority that will certify this CA.

  • dsc_psdscrunascredential

    PsDscRunAsCredential

  • dsc_validityperiod

    ValidityPeriod - Specifies the validity period of the certification authority certificate in hours, days, weeks, months or years. If this is a subordinate CA, do not use this parameter, because the validity period is determined by the parent CA. Valid values are Hours, Days, Months, Years.

  • dsc_validityperiodunits

    ValidityPeriodUnits - Validity period of the certification authority certificate. If this is a subordinate CA, do not specify this parameter because the validity period is determined by the parent CA.

  • name (namevar)
  • provider

    The specific backend to use for this ‘dsc_xadcscertificationauthority` resource. You will seldom need to specify this — Puppet will usually discover the appropriate provider for your platform.