PowerShell PKI Module Documentation

Get-ObjectIdentifierEx

Synopsis

Resolves object identifier value to a associated friendly name and vice versa and returns extended information.

Syntax

Get-ObjectIdentifierEx [-Value] <String> [[-Group] <OidGroupEnum>] [-UseActiveDirectory] [<CommonParameters>]

Description

Resolves object identifier value to a associated friendly name and vice versa. The cmdlet resolves both well-known OIDs (used in Internet PKI) and Active Directory forest specific registered OIDs.

The difference with Get-ObjectIdentifier here is a more detailed output information about OID registration and OID type.

The output of the command can be piped to Unregister-ObjectIdentifier command.

Parameters

-Value <String>

Specifies a string or strings that represents object identifier friendly name or value.

Required? True
Position? 0
Default value
Accept pipeline input? false
Accept wildcard characters? False

-Group <OidGroupEnum>

Specifies the object identifier group. By default, the command looks for an OID in all groups. The possible value can be either:
HashAlgroithm — represents hash algorithm group.
EncryptionAlgorithm — represents encryption group (symmetric algorithms only).
PublicKeyAlgorithm — represents public/private key algorithm group (asymmetric algorithms only).
SignatureAlgorithm — represents signature algorithm group.
RDNAttribute — represents X.500 Distinguished Name relative attributes.
ExtensionOrAttribute — represents certificate extension or certificate attribute group.
ApplicationPolicy — represents application policy group (the same as enhanced key usage).
IssuancePolicy — represents certificate policy group.
CertificateTemplate — represents certificate template group.

Required? False
Position? 1
Default value
Accept pipeline input? false
Accept wildcard characters? False

-UseActiveDirectory <SwitchParameter>

Indicates that the command should attempt to search both local registry OID tables and OID registrations in Active Directory.

Note: This parameter is always enabled and cannot be disabled on Windows XP and Windows Server 2003 computers.

Required? False
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? False

<CommonParameters>

This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, InformationAction, InformationVariable,
WarningAction, WarningVariable, OutBuffer, PipelineVariable and OutVariable.
For more information, see about_CommonParameters (https://go.microsoft.com/fwlink/?LinkID=113216).

Inputs

System.String

Outputs

System.Security.Cryptography.Oid2

Notes

Examples

Example 1

PS C:\> Get-ObjectIdentifierEx -Value sha1

Returns extended information about OID registration with friendly name 'sha1'.

Example 2

PS C:\> Get-ObjectIdentifierEx -Value "Company smart card policy" -UseActiveDirectory | Unregister-ObjectIdentifier

Gets information about OID registration with friendly name 'Company smart card policy' and deletes all OID registrations from local system and Active Directory.

Related links

Get-ObjectIdentifier
Register-ObjectIdentifier
Unregister-ObjectIdentifier

Minimum PowerShell version support

  • PowerShell 3.0

Operating System Support

  • Windows 7
  • Windows 8
  • Windows 8.1
  • Windows 10
  • Windows Server 2008 R2 all editions
  • Windows Server 2012 all editions
  • Windows Server 2012 R2 all editions
  • Windows Server 2016 all editions
  • Windows Server 2019 all editions