Tack för en givande dag på Operaterassen i Stockholm, det blev en mängd mycket givande diskussioner kring lagring, säkerhet och en del annat.
Hoppas det blir en massa lika spännande frågor i Malmö nästa vecka…
/Hasain

How do I delete all Failed Requests logged on my Certificate Services database?
The Certutil tool can be used to list and delete Failed Requests logged on any ADCS database, but the two operations cannot be combined in one request and you have to manually transfer the request is from the listing of failed requests to the deleterow command.
The attached script combines the two steps and automate the whole process for an easier management task.
/Hasain
———————————–delete_failed_adcs_requests.vbs———————————–
Set objShell = CreateObject("WScript.Shell")
Set objWshScriptExec = objShell.Exec("certutil -silent -view -out ""RequestID"" LogFail")
Set objStdOut = objWshScriptExec.StdOut
Do Until objStdOut.AtEndOfStream
strLine = objStdOut.ReadLine
If Len(strLine) > 10 Then
Set regEx = New RegExp
regEx.Pattern = "( .*?\(|\))"
regEx.IgnoreCase = True
regEx.Global = True
regEx.MultiLine = True
WScript.Echo "Deleting: " & strLine
Set objWshScriptExec = objShell.Exec("certutil -deleterow " & regEx.Replace(strLine, ""))
End If
Loop
———————————–delete_failed_adcs_requests.vbs———————————–

A must have tools for all of you with minidriver based smart cards to manage admin and user pin on such cards. The tool is free to download and use as well as to modify or reuse the code in other projects.
Many thanks to Björn Österman who made the tool available.
/Hasain
—————————————————————————
scUtil.exe, version 1.0, Author: Bjorn Osterman, Company: TrueSec AB, Sweden
syntax: scUtil.exe unblockpin <adminkey> <newpin>
scUtil.exe changepin <oldpin> <newpin>
scUtil.exe changeadminkey <oldadminkey> <newadminkey>
scUtil.exe calculateresponse <adminkey> <challange>
scUtil.exe generaterandomkey
<adminkey> is one the the following alternatives:
– 48 hexadecimal characters
– “default”, representing 48 zeroes
– “random”, representing 48 random hexadecimal characters
<pin> is variable-length string composed of alphanumerical characters
—————————————————————————
download: scUtil.zip