ESC15.ps1

 Param(

)
$VerbosePreference = "Continue"
# Ensure the script is running with elevated privileges
if (-not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) {
    Write-Error "This script must be run as an Administrator"
    exit
}

# Check if running as a Domain Admin
$isDomainAdmin = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole("Domain Admins")
if (-not $isDomainAdmin) {
    Write-Error "This script must be run as a Domain Admin"
    exit
}

# Check if ADCSAdministration module is installed and import it
if (-not (Get-Module -ListAvailable -Name ADCSAdministration)) {
    Write-Error "ADCSAdministration module is not installed"
    exit
} else {
    Import-Module ADCSAdministration
}

# List of template names to check and remove
$templatesToRemove = @(
    "ExchangeUserSignature",
    "exchangeUser",
    "CEPEncryption",
    "OfflineRouter",
    "IPSECIntermediateOffline",
    "SubCA",
    "CA",
    "WebServer",
    "EnrollmentAgentOffline"
)

# Function to remove a template
function Remove-Template {
    param (
        [string]$TemplateName
    )
    try {
        Remove-CATemplate -Name $TemplateName -Force
        Write-Verbose "Successfully removed template: $TemplateName"
    } catch {
        Write-Verbose "Failed to remove template: $TemplateName. Error: $_"
    }
}

# Main script execution
Write-Verbose "Listing certificate templates..."
$templates = Get-CATemplate

foreach ($template in $templates) {
    if ($templatesToRemove -contains $template.Name) {
        Write-Verbose "Found template to remove: $($template.Name)"
        Remove-Template -TemplateName $template.Name
    }
}

Write-Verbose "Script execution completed."