Sunday, May 10, 2009

Inventory Certificates

Recently we found some Native Mode computers that had expired computer certificates. When this happens the client becomes unhealthy and thus stops responding. Until the cert is renewed it will just sit in a dead state. Well, instead of working "reactively" I want to be "proactive." Now, I have found several different reasons for certificate renewal errors, one or more of which I have documented here in my blog. In my latest work with Sherry Kissinger, another MVP in the ConfigMgr area, we were able to create a VBScript that would pull the cert data and inject it into WMI so it can be pulled at inventory time. Since the expiration date (and countdown in days) is pulled, a report can be run that will tell you if a computer's certificate is getting ready to expire or has already expired.

The only difficult issue is that it relies on CAPICOM, which some admins don't use. It will attempt to register the DLLs so it can inventory. I haven't found a better way to do this. .NET offers some, but again you are dependent on an installation of .NET and some other assemblies. Well, hopefully I can have some others confirm this works correctly in their test environments. I will then post the code here, link from the original post in the TechNet Forums and move it into production.
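
The approach described above, as an added PowerShell example; it is not the VBScript/CAPICOM script the post refers to, which is not shown on this page. It writes one WMI instance per computer certificate with its expiry date and days remaining. The class name Custom_ComputerCertificate, its property names, the root\cimv2 namespace and the LocalMachine\My store are assumptions.

```powershell
# Added example. Class name, property names, namespace and store are assumptions.
# Run elevated: creating a WMI class and writing instances needs admin rights.
$Namespace = 'root\cimv2'
$ClassName = 'Custom_ComputerCertificate'   # hypothetical class name
$String    = [System.Management.CimType]::String

# Create the custom class on first run; Thumbprint is the key property.
if (-not (Get-WmiObject -Namespace $Namespace -Class $ClassName -List)) {
    $class = New-Object System.Management.ManagementClass($Namespace, [string]::Empty, $null)
    $class['__CLASS'] = $ClassName
    $class.Qualifiers.Add('Static', $true)
    foreach ($name in 'Thumbprint', 'Subject', 'Issuer') {
        $class.Properties.Add($name, $String, $false)
    }
    $class.Properties['Thumbprint'].Qualifiers.Add('Key', $true)
    $class.Properties.Add('NotAfter', [System.Management.CimType]::DateTime, $false)
    $class.Properties.Add('DaysToExpiry', [System.Management.CimType]::SInt32, $false)
    [void]$class.Put()
}

# Remove instances from the previous run so deleted or renewed certs do not linger.
Get-WmiObject -Namespace $Namespace -Class $ClassName | ForEach-Object { $_.Delete() }

# One instance per certificate in the computer's Personal store.
$now = Get-Date
foreach ($cert in Get-ChildItem -Path Cert:\LocalMachine\My) {
    $values = @{
        Thumbprint   = $cert.Thumbprint
        Subject      = $cert.Subject
        Issuer       = $cert.Issuer
        # WMI stores dates as DMTF strings (yyyymmddHHMMSS.mmmmmm+UUU).
        NotAfter     = [System.Management.ManagementDateTimeConverter]::ToDmtfDateTime($cert.NotAfter)
        # Negative value: the certificate has already expired.
        DaysToExpiry = [int][math]::Floor(($cert.NotAfter - $now).TotalDays)
    }
    Set-WmiInstance -Namespace $Namespace -Class $ClassName -Arguments $values | Out-Null
}

# Verify what inventory would see, soonest expiry first.
Get-WmiObject -Namespace $Namespace -Class $ClassName |
    Sort-Object DaysToExpiry |
    Select-Object Subject, DaysToExpiry, Thumbprint
```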