I have local admin right on all remote servers that I'm trying to query the expiring certificate. I'm also able to query this same remote server for their Sql Server version by using Invoke-Sqlcmd -query "select @@version" -ServerInstance $dbName however, for querying the cert with Invoke-Command I got the following error.
[MyServer.SERVERS.myComp.com] Connecting to remote server
MyServer.SERVERS.myComp.com failed with the following error message : WinRM cannot process the request. The following error occurred while using Kerberos
authentication: Cannot find the computer
MyServer.SERVERS.myComp.com. Verify that the computer exists on the network and that the name provided is spelled correctly. For more information, see the
about_Remote_Troubleshooting Help topic.
+ CategoryInfo : OpenError: (MyServer.SERVERS.myComp.com:String) [], PSRemotingTransportException
+ FullyQualifiedErrorId : NetworkPathNotFound,PSSessionStateBroken
This the code.
$servers = @("MyServer.SERVERS.myComp.com")
##### Loop through all servers in the server array #####
foreach($server in $servers) {
$expiredCert = Invoke-Command -ComputerName $server -ScriptBlock {Get-ChildItem -Path Cert:\localmachine\my | ?{$_.NotAfter -lt (get-date).AddDays(30)} | Select Thumbprint,FriendlyName,NotAfter, NotBefore}
}
if ($expiredCert){
Write-Output $expiredCert
}
On the remote server, winRM is enabled and running.