PowerShell PKI Module Documentation

Documentation Home
This command requires installed Remote Server Administration Tools (RSAT)

Restore-PolicyModuleFlagDefault

Synopsis

Restores default policy module flags.

Syntax

Restore-PolicyModuleFlagDefault [-InputObject] <EditFlag[]> [-RestartCA] [<CommonParameters>]

Description

Enables policy module flags. These flags are processed by policy module during certificate request processing. The following default flags are for:
Enterprise CA
————-
RequestExtensionList
DisableExtensionList
AddOldKeyUsage
BasicConstraintsCritical
EnableAKIKeyID
EnableDefaultSMIME
EnableChaseClientDC

Standalone CA
————-
RequestExtensionList
DisableExtensionList
AddOldKeyUsage
AttributeEndDate
BasicConstraintsCA
EnableAKIKeyID
AttributeCA
AttributeEKU

Parameters

-InputObject <EditFlag[]>

Specifies the object that contains existing CA Policy Module flags. The object can be retrieved by running Get-PolicyModuleFlag command.

Required? True
Position? 0
Default value
Accept pipeline input? true (ByValue, ByPropertyName)
Accept wildcard characters? False

-RestartCA <SwitchParameter>

Restarts CA service on the specified CA server to immediately apply changes.

Required? False
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? False

<CommonParameters>

This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, InformationAction, InformationVariable,
WarningAction, WarningVariable, OutBuffer, PipelineVariable and OutVariable.
For more information, see about_CommonParameters (https://go.microsoft.com/fwlink/?LinkID=113216).

Inputs

PKI.CertificateServices.PolicyModule.EditFlag

Outputs

PKI.CertificateServices.PolicyModule.EditFlag

Notes

Examples

Example 1

PS C:\> Get-CertificationAuthority -Name Company-CA | Get-PolicyModuleFlag | Restore-PolicyModuleFlagDefault -RestartCA

Restores default policy module flags on Company-CA CA server and restarts certificate services.

Example 2

PS C:\> Get-CertificationAuthority | Get-PolicyModuleFlag | Restore-PolicyModuleFlagDefault -RestartCA

Restores default policy module flags on all CA servers and restarts certificate services.

Related links

Get-CertificationAuthority
Connect-CertificationAuthority
Get-PolicyModuleFlag
Disable-PolicyModuleFlag
Enable-PolicyModuleFlag

Minimum PowerShell version support

  • Windows PowerShell 3.0

Operating System Support

  • Windows 7
  • Windows 8
  • Windows 8.1
  • Windows 10
  • Windows 11
  • Windows Server 2008 R2 all editions
  • Windows Server 2012 all editions
  • Windows Server 2012 R2 all editions
  • Windows Server 2016 all editions
  • Windows Server 2019 all editions
  • Windows Server 2022 all editions