Answers:
目前,DSC中没有内置方法可以执行此操作。我为我的组织写了一个自定义资源,该资源从PFX安装证书。我在DSC中使用了Cert:PSDrive,Import-PfxCertificatecmdlet和安全凭据(用于PFX密码)。
现在位于Microsoft资源中!该xPfxImport资源位于xCertificate模块v1.1(可能以后)中。
再次感谢您的鼓励(尤其是jscott)。
xCertificateMicrosoft的DSC资源中的模块中,因此希望它将很快作为曾经的DSC资源工具包的一部分提供(现在可以通过PowerShell库)。我的请求请求在这里等待,但是您可以根据需要现在查看代码。
dev,不知道要花多长时间才能掌握。感谢您的赏识和您的支持。
如何使用组策略将证书部署到域?http://technet.microsoft.com/zh-cn/library/cc770315%28v=ws.10%29.aspx
使用组策略部署证书
Open Group Policy Management Console.
Find an existing or create a new GPO to contain the certificate settings. Ensure that the GPO is associated with the domain, site, or organizational unit whose users you want affected by the policy.
Right-click the GPO, and then select Edit.
Group Policy Management Editor opens, and displays the current contents of the policy object.
In the navigation pane, open Computer Configuration\Windows Settings\Security Settings\Public Key Policies\Trusted Publishers.
Click the Action menu, and then click Import.
Follow the instructions in the Certificate Import Wizard to find and import the certificate.
If the certificate is self-signed, and cannot be traced back to a certificate that is in the Trusted Root Certification Authorities certificate store, then you must also copy the certificate to that store. In the navigation pane, click Trusted Root Certification Authorities, and then repeat steps 5 and 6 to install a copy of the certificate to that store.