diff --git a/Windows/BackupGPO.md b/Windows/BackupGPO.md new file mode 100644 index 0000000..3438e0b --- /dev/null +++ b/Windows/BackupGPO.md @@ -0,0 +1,84 @@ +# Method 1 - use a SMB - Networkshare as the backuptarget + +```powershell +$limit = (Get-Date).AddDays(-30) +$path = "\\NETWORKSHARE" + +# Delete files older than the $limit. +Get-ChildItem -Path $path -Recurse -Force | Where-Object { !$_.PSIsContainer -and $_.CreationTime -lt $limit } | Remove-Item -Force + +# Delete any empty directories left behind after deleting the old files. +Get-ChildItem -Path $path -Recurse -Force | Where-Object { $_.PSIsContainer -and (Get-ChildItem -Path $_.FullName -Recurse -Force | Where-Object { !$_.PSIsContainer }) -eq $null } | Remove-Item -Force -Recurse + +Backup-GPO -All -path $path -Comment "Backup done from SERVERNAME" +``` + +# Method 2 - use a SFTP Server as the backuptarget + +You have to keep in mind that you need script to autodelete old backups on the target. Maybe a cronjob for that part with the particular script would be a nice idea ;) + +To get the fingerprint of your hosts host_key file run this command and paste it behind the variable **$sftpfingerprint** +```bash +ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key +``` + +Script on DomainController +```powershell +# documentation for winscp can be found here: https://winscp.net/eng/docs/library_powershell +# prior to get this up and running you need ".NET assembly / COM library" from here https://winscp.net/eng/downloads.php + +$path = "C:\backup\gpos" #path for temporary storing all files +$temp = "C:\backup\gpos_$(Get-Date -Format 'yyyyMMdd-HHmmss').zip" #path for the zip file in 24h format +$sftpserver = "FQDN or IP" +$sftpuser = "sftpusername" +$sftpkeypath = "C:\Scripts\backupGPOs\privatekeyfile.ppk" #authentication with ppk file (password is possible as well, take a look at documentation) +$sftpfingerprint = "ssh-rsa 3072 aX....." #replace it with the value of the command from the host above +$winscppath = "C:\Scripts\backupGPOs\WinSCPnet.dll" #file from the zip you have downloaded before +$destinantion = "/backups/gpos/" #target on the SFTP Server + +Backup-GPO -All -path $path -Comment "Backup done from DC-04" + +# Load WinSCP .NET assembly +Add-Type -Path $winscppath + +# zip backup +$compress = @{ + Path = $path + CompressionLevel = "Fastest" + DestinationPath = $temp +} +Compress-Archive @compress + +# Setup session options +$sessionOptions = New-Object WinSCP.SessionOptions -Property @{ + Protocol = [WinSCP.Protocol]::Sftp + HostName = $sftpserver + UserName = $sftpuser + SshHostKeyFingerprint = $sftpfingerprint + SshPrivateKeyPath = $sftpkeypath +} + +$session = New-Object WinSCP.Session + +try +{ + # Connect + $session.Open($sessionOptions) + + # Upload + $session.PutFiles($temp, $destinantion).Check() +} +finally +{ + # Disconnect, clean up + $session.Dispose() +} + +# Delete files older than the $limit. +Get-ChildItem -Path $path -Recurse -Force | Where-Object { !$_.PSIsContainer } | Remove-Item -Force + +# Delete any empty directories left behind after deleting the old files. +Get-ChildItem -Path $path -Recurse -Force | Where-Object { $_.PSIsContainer -and (Get-ChildItem -Path $_.FullName -Recurse -Force | Where-Object { !$_.PSIsContainer }) -eq $null } | Remove-Item -Force -Recurse + +Remove-Item -Path $temp -Force +``` \ No newline at end of file diff --git a/Windows/BackupGPO.ps1 b/Windows/BackupGPO.ps1 deleted file mode 100644 index 60d60b8..0000000 --- a/Windows/BackupGPO.ps1 +++ /dev/null @@ -1,10 +0,0 @@ -$limit = (Get-Date).AddDays(-30) -$path = "\\NETWORKSHARE" - -# Delete files older than the $limit. -Get-ChildItem -Path $path -Recurse -Force | Where-Object { !$_.PSIsContainer -and $_.CreationTime -lt $limit } | Remove-Item -Force - -# Delete any empty directories left behind after deleting the old files. -Get-ChildItem -Path $path -Recurse -Force | Where-Object { $_.PSIsContainer -and (Get-ChildItem -Path $_.FullName -Recurse -Force | Where-Object { !$_.PSIsContainer }) -eq $null } | Remove-Item -Force -Recurse - -Backup-GPO -All -path $path -Comment "Backup done from SERVERNAME" \ No newline at end of file