## Version 001  M. Sieber Microsoft
## Version 002 Anpassung ohne Alias  br
## Version 003 Anpassung add to Line Zeile $FQDN .ToLower()   br
## Version -10 Freigabe durch br
## Namen anpassen
$alias = "alias.dc.contoso.net"


## Namen festlegen
$FQDN = "$env:computername.$env:userdnsdomain".ToLower()
$Subject = "CN=$FQDN"
$RequestFile = "DCReq.req"

## INF-Datei erstellen
"[Version]" 				| Out-File .\customDC.inf
"Signature= `"`$Windows NT`$`""  	| Out-File .\customDC.inf -Append
" " 					| Out-File .\customDC.inf -Append
"[NewRequest]" 				| Out-File .\customDC.inf -Append 
"Subject = `"$Subject`"" 		| Out-File .\customDC.inf -Append
"Exportable = FALSE"			| Out-File .\customDC.inf -Append
"KeyLength = 2048"			| Out-File .\customDC.inf -Append
"KeySpec = 1" 				| Out-File .\customDC.inf -Append
"KeyUsage = 0xA0" 			| Out-File .\customDC.inf -Append
"MachineKeySet = True"			| Out-File .\customDC.inf -Append
"ProviderName = `"Microsoft RSA SChannel Cryptographic Provider`"" | Out-File .\customDC.inf -Append
"ProviderType = 12"			| Out-File .\customDC.inf -Append
"SMIME = FALSE"				| Out-File .\customDC.inf -Append
"RequestType = CMC"			| Out-File .\customDC.inf -Append
" " 					| Out-File .\customDC.inf -Append

"[Strings]" | Out-File .\customDC.inf -Append
"szOID_SUBJECT_ALT_NAME2 = `"2.5.29.17`""	| Out-File .\customDC.inf -Append
"szOID_ENHANCED_KEY_USAGE = `"2.5.29.37`""	| Out-File .\customDC.inf -Append 
"szOID_PKIX_KP_SERVER_AUTH = `"1.3.6.1.5.5.7.3.1`""	| Out-File .\customDC.inf -Append 
"szOID_PKIX_KP_CLIENT_AUTH = `"1.3.6.1.5.5.7.3.2`""	| Out-File .\customDC.inf -Append
" " 					| Out-File .\customDC.inf -Append
"[Extensions]" 				| Out-File .\customDC.inf -Append
"%szOID_SUBJECT_ALT_NAME2% = `"{text}dns=$FQDN`" " 						| Out-File .\customDC.inf -Append 
"%szOID_ENHANCED_KEY_USAGE% = `"{text}%szOID_PKIX_KP_SERVER_AUTH%,%szOID_PKIX_KP_CLIENT_AUTH%`" "	| Out-File .\customDC.inf -Append 
" " 					| Out-File .\customDC.inf -Append
"[RequestAttributes]"			| Out-File .\customDC.inf -Append


## Request erstellen
certreq -new -f -q .\customdc.inf $RequestFile