Gordon Young gjyoung1974

## mac_osx_certenroll.sh
#!/bin/bash

#====================================================================================
# Name        : certenroll_mac.sh
# Author      : Gordon Young, gjyoung1974@gmail.com
# Version     : .01
# Copyright   : 2016 Gordon Young
# Description : A script to enroll a Mac OSX 10.11 device for a machine certificate
#			  : via a Microsoft Certificate Services CA
# Reference   : This script supports the requirements in

## submit_cert_requests.ps1
#################################################
#                                               #
#  A script to submit a batch of CSRs to a CA   #
#                                               #
#################################################

## put this script the directory with your certificate signing requetss
$files = Get-ChildItem ".\"

# be sure to adjust the $cmdArgs to reflect the appropriate certificate template

## AD Cert Cleanup.ps1
#Set up some variables for later use.
$seperator = "=",","
$ADConfiguration = Get-ADRootDSE | Select configurationNamingContext
$OIDPath = "AD:\CN=OID,CN=Public Key Services,CN=Services," + $ADConfiguration.configurationNamingContext.ToString()

#Pull the AD certificates from the object
$computerObject = Get-ADComputer -Filter *

#Forced to iterate through each computer so we can manipulate it later
ForEach ($computer in $ComputerObject.Name) {

## Issuing CA Pre-Install.ps1
## Load the ServerManager
Import-Module ServerManager

## Install the ADCS Certification Authority Feature
Add-WindowsFeature Adcs-Cert-Authority

# Install an issuing ca with the appropriate properties
Install-AdcsCertificationAuthority -CAType EnterpriseSubordinateCa -OverwriteExistingDatabase -OverwriteExistingKey -OverwriteExistingCAinDS -CACommonName "ACME DEV Issuing Certification Authority" -CADistinguishedNameSuffix “DC=CORP, DC=ACME,DC=com” -CryptoProviderName "RSA#Microsoft Software Key Storage Provider" -KeyLength 2048 -HashAlgorithmName SHA256

## Issuing CA Post Install.ps1
<#::::::::::::::::::::::::::::::::::::::::::::::::
:: 2017 Gordon Young, gjyoung1974@gmail.com	::
:: The purpose of this script			::
:: is to perform post installation		::
:: of an AD certificate services CA		::
::::::::::::::::::::::::::::::::::::::::::::::::::#>

##
# !!! The AIA and CDP values must be edited per each unique CA !!

## CAPolicy.inf
[Version]
Signature = "$Windows NT$"

[PolicyStatementExtension]
Policies = ManagementPolicy
Critical = 0
[ManagementPolicy]
OID = 2.16.840.1.114171.999.9.9
Notice = "BLAHBLAH stuff about the policy"
URL = "http://pki.gordonyoung.us/ACME_Certificate_Policy_and_Certification_Practice_Statement.pdf"

## ProtectFormattedData.py
#!/usr/bin/python
__author__ = 'gjyoung1974@gmail.com'

import xml.etree.ElementTree as ET # leverage ElementTree to parse the response
import http.client  # leverage the native HTTP Client

VoltageSDAURL = 'voltage-pp-0000.gordonyoung.us'  # Set the URL For the Voltage IBA SecureData Appliance
PlaintextPAN = '4444555566662222'  # Plaintext PAN to protect
ProtectionFormat = 'CC'  # Data Protection Format to use
Identity = 'gyoung@gordonyoung.us'  # IBE Identity

## sample_postgres.sql
-- Table: public.persons
CREATE TABLE public.persons
(
    personid integer,
    lastname character varying(255) COLLATE pg_catalog."default",
    firstname character varying(255) COLLATE pg_catalog."default",
    address character varying(255) COLLATE pg_catalog."default",
    city character varying(255) COLLATE pg_catalog."default"
)
WITH (

## service_now.js
// 2017 gjyoung1974@gmail.com
// A script to query service now
process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0"; //ignore the issuer certificate !!NEVER DO THIS IN PROD!!!
var https = require('https');

// set up our options
var options = {
   host: 'someplace.service-now.com',
   port: 443,
   path:'/api/now/table/sc_request',

## atom-config-storage.txt
#
	#!/bin/bash

	#====================================================================================
	# Name : certenroll_mac.sh
	# Author : Gordon Young, gjyoung1974@gmail.com
	# Version : .01
	# Copyright : 2016 Gordon Young
	# Description : A script to enroll a Mac OSX 10.11 device for a machine certificate
	# : via a Microsoft Certificate Services CA
	# Reference : This script supports the requirements in
	#################################################
	# #
	# A script to submit a batch of CSRs to a CA #
	# #
	#################################################

	## put this script the directory with your certificate signing requetss
	$files = Get-ChildItem ".\"

	# be sure to adjust the $cmdArgs to reflect the appropriate certificate template
	#Set up some variables for later use.
	$seperator = "=",","
	$ADConfiguration = Get-ADRootDSE \| Select configurationNamingContext
	$OIDPath = "AD:\CN=OID,CN=Public Key Services,CN=Services," + $ADConfiguration.configurationNamingContext.ToString()

	#Pull the AD certificates from the object
	$computerObject = Get-ADComputer -Filter *

	#Forced to iterate through each computer so we can manipulate it later
	ForEach ($computer in $ComputerObject.Name) {
	## Load the ServerManager
	Import-Module ServerManager

	## Install the ADCS Certification Authority Feature
	Add-WindowsFeature Adcs-Cert-Authority

	# Install an issuing ca with the appropriate properties
	Install-AdcsCertificationAuthority -CAType EnterpriseSubordinateCa -OverwriteExistingDatabase -OverwriteExistingKey -OverwriteExistingCAinDS -CACommonName "ACME DEV Issuing Certification Authority" -CADistinguishedNameSuffix “DC=CORP, DC=ACME,DC=com” -CryptoProviderName "RSA#Microsoft Software Key Storage Provider" -KeyLength 2048 -HashAlgorithmName SHA256
	<#::::::::::::::::::::::::::::::::::::::::::::::::
	:: 2017 Gordon Young, gjyoung1974@gmail.com ::
	:: The purpose of this script ::
	:: is to perform post installation ::
	:: of an AD certificate services CA ::
	::::::::::::::::::::::::::::::::::::::::::::::::::#>

	##
	# !!! The AIA and CDP values must be edited per each unique CA !!
	[Version]
	Signature = "$Windows NT$"

	[PolicyStatementExtension]
	Policies = ManagementPolicy
	Critical = 0
	[ManagementPolicy]
	OID = 2.16.840.1.114171.999.9.9
	Notice = "BLAHBLAH stuff about the policy"
	URL = "http://pki.gordonyoung.us/ACME_Certificate_Policy_and_Certification_Practice_Statement.pdf"
	#!/usr/bin/python
	__author__ = 'gjyoung1974@gmail.com'

	import xml.etree.ElementTree as ET # leverage ElementTree to parse the response
	import http.client # leverage the native HTTP Client

	VoltageSDAURL = 'voltage-pp-0000.gordonyoung.us' # Set the URL For the Voltage IBA SecureData Appliance
	PlaintextPAN = '4444555566662222' # Plaintext PAN to protect
	ProtectionFormat = 'CC' # Data Protection Format to use
	Identity = 'gyoung@gordonyoung.us' # IBE Identity
	-- Table: public.persons
	CREATE TABLE public.persons
	(
	personid integer,
	lastname character varying(255) COLLATE pg_catalog."default",
	firstname character varying(255) COLLATE pg_catalog."default",
	address character varying(255) COLLATE pg_catalog."default",
	city character varying(255) COLLATE pg_catalog."default"
	)
	WITH (
	// 2017 gjyoung1974@gmail.com
	// A script to query service now
	process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0"; //ignore the issuer certificate !!NEVER DO THIS IN PROD!!!
	var https = require('https');

	// set up our options
	var options = {
	host: 'someplace.service-now.com',
	port: 443,
	path:'/api/now/table/sc_request',