I'm using C# (or VBScript) to issue a certificate from an Enterprise CA. According to this answer, I need to specify the OID instead of the certificate name, and place it in an unexpected portion of code. (IMHO I should place it where the null string is) I'm looking at certificate manager, templates, et.al, and can't locate the OID I should be using. Have any suggestions?
Certificate Templates are stored in the Configuration partition of Active Directory.
For instance, if your Certificate Template is named "Smartcard," then its DN would be:
CN=Smartcard,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,DC=Contoso,DC=Com
The msPKI-Cert-Template-OID attribute of that object contains the OID you seek.
Edit: Here's some Powershell:
PS C:\Users\Ryan> Get-ADObject 'CN=Smartcard,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,DC=Contoso,DC=Com' -Properties msPKI-Cert-Template-OID DistinguishedName : CN=Smartcard,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,DC=Contoso,DC=Com msPKI-Cert-Template-OID : 1.3.6.1.4.1.311.21.8.13882702.11110958.1330334.1890290.2281445.541.2.14 Name : Smartcard ObjectClass : pKICertificateTemplate ObjectGUID : 1cd4698d-56fe-4d4b-8005-f89a76d24ae1