Unregister-ObjectIdentifier
Synopsis
Unregisters object identifier (OID) information from local computer, Active Directory or both sources.
Syntax
Unregister-ObjectIdentifier [-Value] <Oid2> [-UseActiveDirectory] [-Force] [-WhatIf] [-Confirm] [<CommonParameters>]
Description
Unregisters object identifier (OID) information from local computer, Active Directory or both sources. Additionally, the command accepts pipeline input from the following commands: Get-ObjectIdentifier and Get-ObjectIdentifierEx.
In order the command to succeed the caller must be granted with:
1) local administrator permissions — if an OID is registered locally.
2) Enterprise Admins permissions, or delegated Write permissions on OID container in Active Directory, if 'UseActiveDirectory' switch is enabled.
OID container in Active Directory is located under: CN=Public Key Services, CN=Services, <Configuration Naming Context>.
Parameters
-Value <Oid2>
Specifies an OID friendly name, value or System.Security.Cryptography.Oid2 object that contains information about OID to unregister. Only specified instance is unregistered. By default, the command attempts to unregister specified OID information from local machine only. In order to unregister OID information in Active Directory, use 'UseActiveDirectory' switch.
| Required? | True |
| Position? | 0 |
| Default value | |
| Accept pipeline input? | true (ByValue, ByPropertyName) |
| Accept wildcard characters? | False |
-UseActiveDirectory <SwitchParameter>
Specifies whether to perform registration removal from Active Directory too.
| Required? | False |
| Position? | named |
| Default value | |
| Accept pipeline input? | false |
| Accept wildcard characters? | True |
-Force <SwitchParameter>
By default, the script explicitly prompts you whether you want to remove OID registration with selected values. If you want to implement silent (quiet) installations — specify this parameter to suppress any prompts during OID registration removal.
| Required? | False |
| Position? | named |
| Default value | |
| Accept pipeline input? | false |
| Accept wildcard characters? | False |
-WhatIf <SwitchParameter>
Describes what would happen if you executed the command without actually executing the command.
| Required? | False |
| Position? | named |
| Default value | |
| Accept pipeline input? | false |
| Accept wildcard characters? | False |
-Confirm <SwitchParameter>
Prompts you for confirmation before executing the command.
| Required? | False |
| Position? | named |
| Default value | |
| Accept pipeline input? | false |
| Accept wildcard characters? | False |
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, InformationAction, InformationVariable,
WarningAction, WarningVariable, OutBuffer, PipelineVariable and OutVariable.
For more information, see about_CommonParameters (https://go.microsoft.com/fwlink/?LinkID=113216).
Inputs
System.Security.Cryptography.Oid2
Outputs
None.
Notes
Author: Vadims Podans
Blog: https://www.sysadmins.lv
Examples
Example 1
PS C:\> Unregister-ObjectIdentifier -Value "Remote Desktop Authentication" -UseActiveDirectory
Unregisters a custom OID that was previously registered in Active Directory.
Example 2
PS C:\> Get-ObjectIdentifierEx -Value "Company smart card policy" -UseActiveDirectory | Unregister-ObjectIdentifier
Gets information about OID registration with friendly name 'Company smart card policy' and deletes all OID registrations from local system and Active Directory.
Related links
Get-ObjectIdentifier
Get-ObjectIdentifierEx
Register-ObjectIdentifier
Minimum PowerShell version support
- PowerShell 3.0
Operating System Support
- Windows Vista
- Windows 7
- Windows 8
- Windows 8.1
- Windows 10
- Windows Server 2008 all editions
- Windows Server 2008 R2 all editions
- Windows Server 2012 all editions
- Windows Server 2012 R2 all editions
- Windows Server 2016 all editions