Import-HgsServerState
Imports an exported Host Guardian Service state into a Host Guardian Service instance.
Syntax
Import-HgsServerState
[[-XML] <XmlDocument>]
-Password <SecureString>
[-ImportTpmModeState]
[-ImportActiveDirectoryModeState]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Import-HgsServerState
[[-Path] <String>]
-Password <SecureString>
[-ImportTpmModeState]
[-ImportActiveDirectoryModeState]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
The Import-HgsServer cmdlet imports the previously exported Host Guardian Service (HGS) state to the existing Host Guardian Service instance.
The cmdlet imports the following Host Guardian Service state from the input file:
- Attestation service policies
- Attestation service configuration data
- Key protection policies
- Key protection configuration data
- Key Protection Signer Certificates and private keys
- Key Protection Encryption Certificates and private keys
Additionally, this cmdlet renews the attestation service signer certificate and updates the key protection service instance with this certificate.
For more information about the scenario terms, see Security and Assurance.
Examples
Example 1: Import HGS state data
PS C:\> Import-HgsServerState -Path "C:\ExportedHgsServerState.xml" -Password $PassThis command imports previously exported state on the current HGS server. This command can be called on only one node. The state is automatically replicated to other nodes in the HGS server setup.
The exported state is the output generated from Export-HgsServerState when run against an existing HGS server setup. The password specified must match the password that was passed to Export-HgsServerState.
Use ConvertTo-SecureString to generate a secure string that represents the password.
Parameters
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ImportActiveDirectoryModeState
Indicates that this cmdlet imports and updates Attestation service configuration state relevant to the Active Directory operational mode.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ImportTpmModeState
Indicates that this cmdlet imports and updates Attestation service configuration state relevant to the trusted platform module (TPM) operational mode.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Password
Specifies the password that the Export-HgsServerState cmdlet used to encrypt the keys.
| Type: | SecureString |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Path
Specifies the path of the file that this cmdlet imports.
| Type: | String |
| Aliases: | FilePath |
| Position: | 1 |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-XML
Specifies the state that this cmdlet imports as an XML document.
| Type: | XmlDocument |
| Aliases: | InputObject |
| Position: | 1 |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |