Webinar: PKI Insights - Best Practices for Improving your PKI Posture Management Program for your Digital Certificates and Encryption by PKI Solutions
Close

PowerShell PKI Module Documentation

Documentation Home
This command requires installed Remote Server Administration Tools (RSAT)

Restore-PolicyModuleFlagDefault

Synopsis

Restores default policy module flags.

Syntax

Restore-PolicyModuleFlagDefault [-InputObject] <EditFlag[]> [-RestartCA] [<CommonParameters>]

Description

Enables policy module flags. These flags are processed by policy module during certificate request processing. The following default flags are for:
Enterprise CA
————-
RequestExtensionList
DisableExtensionList
AddOldKeyUsage
BasicConstraintsCritical
EnableAKIKeyID
EnableDefaultSMIME
EnableChaseClientDC

Standalone CA
————-
RequestExtensionList
DisableExtensionList
AddOldKeyUsage
AttributeEndDate
BasicConstraintsCA
EnableAKIKeyID
AttributeCA
AttributeEKU

Parameters

-InputObject <EditFlag[]>

Specifies the object that contains existing CA Policy Module flags. The object can be retrieved by running Get-PolicyModuleFlag command.

Required? True
Position? 0
Default value
Accept pipeline input? true (ByValue, ByPropertyName)
Accept wildcard characters? False

-RestartCA <SwitchParameter>

Restarts CA service on the specified CA server to immediately apply changes.

Required? False
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? False

<CommonParameters>

This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, InformationAction, InformationVariable,
WarningAction, WarningVariable, OutBuffer, PipelineVariable and OutVariable.
For more information, see about_CommonParameters (https://go.microsoft.com/fwlink/?LinkID=113216).

Inputs

PKI.CertificateServices.PolicyModule.EditFlag

Outputs

PKI.CertificateServices.PolicyModule.EditFlag

Notes

Examples

Example 1

PS C:\> Get-CertificationAuthority -Name Company-CA | Get-PolicyModuleFlag | Restore-PolicyModuleFlagDefault -RestartCA

Restores default policy module flags on Company-CA CA server and restarts certificate services.

Example 2

PS C:\> Get-CertificationAuthority | Get-PolicyModuleFlag | Restore-PolicyModuleFlagDefault -RestartCA

Restores default policy module flags on all CA servers and restarts certificate services.

Related links

Get-CertificationAuthority
Connect-CertificationAuthority
Get-PolicyModuleFlag
Disable-PolicyModuleFlag
Enable-PolicyModuleFlag

Minimum PowerShell version support

  • Windows PowerShell 3.0

Operating System Support

  • Windows 7
  • Windows 8
  • Windows 8.1
  • Windows 10
  • Windows 11
  • Windows Server 2008 R2 all editions
  • Windows Server 2012 all editions
  • Windows Server 2012 R2 all editions
  • Windows Server 2016 all editions
  • Windows Server 2019 all editions
  • Windows Server 2022 all editions