
Delete failed request from the Certificate Services database

October 11th, 2009

How do I delete all Failed Requests logged on my Certificate Services database?

The Certutil tool can be used to list and delete Failed Requests logged on any ADCS database, but the two operations cannot be combined in a single command: you have to manually transfer the request IDs from the listing of failed requests to the deleterow command.

The attached script combines the two steps and automates the whole process, making the task easier to manage.




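Set objShell = CreateObject("WScript.Shell")

' Strips everything up to "(" and the closing ")" from a row line,
' leaving only the decimal request ID that certutil prints in parentheses.
Set regEx = New RegExp
regEx.Pattern = "( .*?\(|\))"
regEx.IgnoreCase = True
regEx.Global = True
regEx.MultiLine = True

' List the RequestID column of every row in the failed requests view.
Set objWshScriptExec = objShell.Exec("certutil -silent -view -out ""RequestID"" LogFail")

Set objStdOut = objWshScriptExec.StdOut

Do Until objStdOut.AtEndOfStream
    strLine = objStdOut.ReadLine
    If Len(strLine) > 10 Then
        strRequestId = regEx.Replace(strLine, "")
        ' Skip schema and summary lines, which do not reduce to a number.
        If IsNumeric(strRequestId) Then
            WScript.Echo "Deleting: " & strLine
            ' Separate variable so the listing process handle is not overwritten.
            Set objDelete = objShell.Exec("certutil -deleterow " & strRequestId)
        End If
    End If
Loop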