Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
PowerShell: Backup Active Directory Group Policies#PowerShell#ActiveDirecoty
<#
$Metadata = @{
Title = "Backup Active Directory Group Policies"
Filename = "Backup-ADGroupPolicies.ps1"
Description = ""
Tags = "backup, active, directory, group, object, policy"
Project = ""
Author = "Janik von Rotz"
AuthorContact = "http://janikvonrotz.ch"
CreateDate = "2014-04-22"
LastEditDate = "2014-04-22
Url = ""
Version = "0.0.0"
License = @'
This work is licensed under the Creative Commons Attribution-ShareAlike 3.0 Switzerland License.
To view a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/ch/ or
send a letter to Creative Commons, 444 Castro Street, Suite 900, Mountain View, California, 94041, USA.
'@
}
#>
try{
#--------------------------------------------------#
# modules
#--------------------------------------------------#
Import-Module ActiveDirectory
Import-Module GroupPolicy
#--------------------------------------------------#
# settings
#--------------------------------------------------#
$Path = "C:\backup\GroupPolicy"
#--------------------------------------------------#
# main
#--------------------------------------------------#
# create backup file name
$Filename = "GroupPolicyFull" + "#" + $((Get-Date -Format s) -replace ":","-") + ".bak"
$Filepath = Join-Path $Path $Filename
# backup active directory
Get-GPO -All | ForEach-Object{
$GPOFilepath = Join-Path $Filepath $_.DisplayName
New-Item -Path $GPOFilepath -ItemType Directory
Backup-GPO -Guid $_.ID -Path $GPOFilepath
}
# get dates for backup retention exclusion
$Today = Get-Date -Format d
$FirstDateOfWeek = Get-Date (Get-Date).AddDays(-[int](Get-Date).Dayofweek) -Format d
$FirstDateOfMonth = Get-Date -Day 1 -Format d
# delete all backups except for today, first day of week and first day of month
Get-ChildItem $Path | select *,@{L="CreationTimeDate";E={Get-Date $_.CreationTime -Format d}} | Group-Object CreationTimeDate | %{
# only one backup per day
if($_.Count -gt 1){
$_.Group | Sort-Object CreationTime -Descending | Select-Object -Skip 1
}
# keep only required backups
$_.Group | Where-Object{$_.CreationTimeDate -ne $Today -and $_.CreationTimeDate -ne $FirstDateOfWeek -and $_.CreationTimeDate -ne $FirstDateOfMonth}
} | Remove-Item -Recurse -Force
}catch{
Write-PPErrorEventLog -Source "Backup ActiveDirectory Group Policies" -ClearErrorVariable
}
<?xml version="1.0" encoding="UTF-16"?>
<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
<RegistrationInfo>
<Date>2013-10-07T09:08:50.3896932</Date>
<Author>Janik von Rotz(http://janikvonrotz.ch)</Author>
<Description>Backup ActiveDirectory Group Policies</Description>
</RegistrationInfo>
<Triggers>
<CalendarTrigger>
<StartBoundary>2013-01-01T05:00:00</StartBoundary>
<Enabled>true</Enabled>
<ScheduleByDay>
<DaysInterval>1</DaysInterval>
</ScheduleByDay>
</CalendarTrigger>
</Triggers>
<Settings>
<MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy>
<DisallowStartIfOnBatteries>true</DisallowStartIfOnBatteries>
<StopIfGoingOnBatteries>true</StopIfGoingOnBatteries>
<AllowHardTerminate>true</AllowHardTerminate>
<StartWhenAvailable>false</StartWhenAvailable>
<RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable>
<IdleSettings>
<StopOnIdleEnd>true</StopOnIdleEnd>
<RestartOnIdle>false</RestartOnIdle>
</IdleSettings>
<AllowStartOnDemand>true</AllowStartOnDemand>
<Enabled>true</Enabled>
<Hidden>false</Hidden>
<RunOnlyIfIdle>false</RunOnlyIfIdle>
<WakeToRun>false</WakeToRun>
<ExecutionTimeLimit>P1D</ExecutionTimeLimit>
<Priority>7</Priority>
</Settings>
<Actions Context="Author">
<Exec>
<Command>$PSapps.PowerShell</Command>
<Arguments>$(Get-ChildItem -Path $PSscripts.Path -Filter "Backup-ADGroupPolicies.ps1.ps1" -Recurse).Fullname</Arguments>
<WorkingDirectory>$PSProfile.Path</WorkingDirectory>
</Exec>
</Actions>
</Task>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.