Open Fursel opened 4 years ago
We are experiencing the same issue. Deleted Self-Signed certificates from cert store, but they are still present in SCOM 4 days later. If I run the task, "List Certificate Properties", it will display the correct output. If I run the REDISCOVER Certificates task it triggers new discovery, but it seems like the discovery only adds new certs, not removing them. Hopefully someone with the insight to how the discovery really works (or should work) can make a PR proposing a fix.
Possible workaround: Disable the discovery entirely by setting 'Discovery of local computer's certificate store "My / Personal" (registry)' to false for the affected health service instances, verify that the Certificate Store instances are gone from SCOM, then run Remove-SCOMDisabledClassInstance, (after Powershell has finished up) delete the overrides, verify that the Certificate Store now contains the correct certificates. It works for us, but it's a very manual approach.
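The workaround above, scripted as an added example (not code from the thread or from the management pack project). It assumes the OperationsManager module is available, that the discovery display name quoted above matches exactly, that an unsealed management pack named `Certificate Overrides` exists to hold the override, and that `Enable-SCOMDiscovery` removes the disabling override it created; the agent names are constructed placeholders.

```powershell
# Added example: automates the manual workaround from the thread.
# Assumptions: OperationsManager module loaded; override MP and agent names are placeholders.
Import-Module OperationsManager

$AgentNames = @('agent01.example.local', 'agent02.example.local')   # constructed placeholders
$OverrideMp = Get-SCOMManagementPack -DisplayName 'Certificate Overrides'    # assumed unsealed MP

# The discovery named in the thread, and the health service instances it should be disabled for.
$Discovery = Get-SCOMDiscovery -DisplayName "Discovery of local computer's certificate store ""My / Personal"" (registry)"
$HsClass   = Get-SCOMClass -Name 'Microsoft.SystemCenter.HealthService'
$Targets   = Get-SCOMClassInstance -Class $HsClass | Where-Object { $AgentNames -contains $_.DisplayName }

if (-not $Discovery -or -not $Targets) { throw 'Discovery or target health services not found.' }

# Step 1: disable the discovery only for the affected health service instances.
Disable-SCOMDiscovery -Discovery $Discovery -Instance $Targets -ManagementPack $OverrideMp

# Step 2: the thread verifies by hand that the Certificate Store instances are gone
# before removing disabled instances; keep that check as an explicit gate.
Read-Host 'Confirm in the Operations console that the Certificate Store instances are gone, then press Enter'

# Step 3: purge instances whose discovery is disabled (this is what drops the stale certificates).
Remove-SCOMDisabledClassInstance

# Step 4: remove the disabling override so the discovery runs again and re-adds the live certificates.
# Assumption: Enable-SCOMDiscovery removes the override that Disable-SCOMDiscovery created.
Enable-SCOMDiscovery -Discovery $Discovery -Instance $Targets -ManagementPack $OverrideMp

# Step 5: report what overrides remain on this discovery so the operator can verify the cleanup.
Get-SCOMOverride -Discovery $Discovery | Select-Object Name, Context, Enforced
```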
Nice will have to try to do this daily. I'm also having an issue where a cert is showing up as "expired" or "due to expire soon" but the Health State of the cert isn't changing ... therefore an alert doesn't get generated. Annoying because we depend on the alerts to trigger urgent tickets to get fixed.
I agree that when a cert gets deleted from a server, the next discovery interval should remove the cert from SCOM because it is no longer found. And if that runs every day for example you might see it still for that day and it should disappear. We will have to check this and verify if we can reproduce it.
About the second issue from SkywalkerHogie, it should change state and alert. So we have to reproduce and verify what is going on there.
Seems that this is fixed for deleted certificates
The MP is really nice and searches through stores, but if we delete a certificate from the computer it doesn't disappear from SCOM, not sure why. Does anyone know how to solve this?