How to bulk import all our users S/MIME certs to the GAL

Waldosharp
Waldosharp used Ask the Experts™
on
I have a question about PIV S/MME certificates and publishing them to AD. I am aware of the standard way for users manually  publish their certs to the GAL viaPublish_to_Gal.png
 

What I am not sure about is if we wanted to systematically bulk import all our users S/MIME certs to the GAL, how would we do that?  Specifically what I need to know is, where in AD are the certificates published too?  From my reading I see that it should reside in the attribute UserCertificate in the attribute editor tab in the object properties.  However if I do publish manually in AD I cannot then see my published certificate in my contact card in Outlook.

Can you please help me understand how this is done?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Microsoft Outlook MVP
Commented:
This can be done using PowerShell. Please see this MSFT blog entry for details: https://blogs.msdn.microsoft.com/adpowershell/2009/04/26/working-with-certificates-in-active-directory-powershell/

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial