Make a SCCM Deployment dependent on the presence of a User Certificate

We are trying to deploy a certain configuration to our clients where the presence of a specific user certificate is a requirement.

That means that i need to find a way to deploy that sccm configuration only if that client has that certificate before that deployment is being triggered.

The problem here is, that this configuration will only work if that certain cert is already present, which means that if we deploy it to a client without the certificate available, it will cause the client to not be able to access the domain anymore.

0 Comments   [ + ] Show comments

Answers (1)

Posted by: rileyz 7 months ago
Red Belt

I had a quick google, and google states you can not look into another users Cert Store. 

So with that in mind. What you could do is create a script that runs in the user context  and checks for the cert, and if the cert if found then put a marker down. ie most easliy a file somewhere in the c drive, you could try HKLM, but the user will not likely have access.

With the above, you could either, do a hardware inventory for the file and create a collection off the results. OR just have the file existing as a requirement before it runs.

Its not the best, but it will be better than nothing.

Remember to test test test!
And also give some thought to other users who might use the computer but not have the cert.

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login


This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ