@justincjahn
Created April 13, 2012 01:02
Windows Server 2008 NPS Synchronization
<#
.SYNOPSIS
Safely restores the NPS server configuration from a parent server's export file.
.DESCRIPTION
Exports the configuration of the locally running NPS server to a backup file,
copies the parent server's export file to a local sync file and imports it.
If the import fails, the local backup is imported again as a rollback.
Version: 0.0.1
Author: Justin "4sak3n 0ne" Jahn
Company: Yuma Educational Technology Consortium
License: GNU Lesser General Public License <http://www.gnu.org/copyleft/lesser.html>
.INPUTS
This script requires no inputs from the pipeline.
.OUTPUTS
This script sends no outputs to the pipeline.
.NOTES
Exit codes:
0: Everything ran successfully, or NPS (the IAS service) is not installed.
1: There was an error with the filesystem paths, the backup or the restore.
2: The current user does not have sufficient privileges to perform this operation.
3: An unknown error has occurred.

Security: the local backup is taken with exportPSK=YES, so the backup file holds
the RADIUS shared secrets unencrypted, and the parent export that is copied to
the sync file may hold them as well. Keep the directories that contain -Parent,
-Sync and -Backup readable only by accounts that are allowed to see those secrets.
.PARAMETER Parent
Path to the parent server's NPS export file. It must be an existing file; it is
copied to -Sync and imported from there.
.PARAMETER Sync
The local file in which to store the copy of the parent NPS export.
The default is "\nps\sync.xml" on the system drive (typically "C:\nps\sync.xml").
.PARAMETER Backup
The local file in which to store the backup of the local NPS server.
The default is "\nps\backup.xml" on the system drive (typically "C:\nps\backup.xml").
#>
param(
    [Parameter(Mandatory = $true)]
    [string]$Parent,

    [Parameter(Mandatory = $false)]
    [string]$Sync = ($env:SystemDrive + "\nps\sync.xml"),

    [Parameter(Mandatory = $false)]
    [string]$Backup = ($env:SystemDrive + "\nps\backup.xml")
)
#
# Administrator Check
#
# Only an administrator or the SYSTEM account may continue. IsInRole() is
# evaluated against the current token, so under UAC a non-elevated shell of an
# administrator account is rejected as well.
$oIdentity  = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$oPrincipal = New-Object System.Security.Principal.WindowsPrincipal -ArgumentList $oIdentity
$bIsAdmin   = $oPrincipal.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator)

if (-not ($bIsAdmin -or $oIdentity.IsSystem)) {
    Write-Error "You do not have Administrator rights to run this script."
    # Exit code 2: insufficient privileges.
    exit 2
}
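#
# Check for IAS
#
# Look the service up by its exact name. A regex match on "IAS" would also be
# satisfied by any unrelated service whose name merely contains those letters,
# and the script would then carry on without NPS being present.
$oService = Get-Service -Name IAS -ErrorAction SilentlyContinue

if ($null -eq $oService) {
    # Nothing to synchronise on this host; this is not treated as a failure.
    Write-Warning "NPS Server is not installed."
    exit 0
}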
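#
# Sanity checks
#
# Both -Backup and -Sync must name files. A path that already exists as a
# directory is rejected with exit code 1; any other failure while preparing
# the files ends the script with exit code 3.
#
# NOTE(review): these files will hold RADIUS shared secrets in clear text (the
# backup step exports with exportPSK=YES). A file created here inherits the ACL
# of its parent directory, so make sure that directory is readable only by the
# accounts that are meant to see those secrets.
foreach ($sPath in @($Backup, $Sync)) {
    if (Test-Path $sPath -PathType Container) {
        Write-Error ("The path {0} is a directory, not a file." -f $sPath)
        exit 1
    }
}

try {
    foreach ($sPath in @($Backup, $Sync)) {
        # Create the file (and any missing parent directories) when it does not
        # exist yet.
        if (!(Test-Path $sPath)) {
            # -ErrorAction Stop turns a creation failure into a terminating
            # error so that the catch below sees it; Out-Null keeps the created
            # FileInfo object out of the pipeline, because the script is
            # documented as producing no pipeline output.
            New-Item -type file -force -path $sPath -ErrorAction Stop | Out-Null
        }
    }
} catch {
    Write-Error $_
    exit 3
}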
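#
# Backup the NPS server
#
# The backup is the rollback source for the restore step, so the script must
# stop here if it cannot be produced.
#
# exportPSK=YES writes the RADIUS shared secrets into the file unencrypted;
# treat $Backup as a secret and restrict who can read it.
try {
    netsh nps export filename="$Backup" exportPSK=YES

    # A native command does not raise a PowerShell exception when it fails, so
    # try/catch alone never notices a failed export; check the exit code.
    if ($LASTEXITCODE -ne 0) {
        throw ("netsh nps export exited with code {0}" -f $LASTEXITCODE)
    }

    # The sanity checks may have pre-created $Backup as an empty file. An empty
    # file means nothing was exported and must not be used for a rollback.
    if ((Get-Item $Backup -ErrorAction Stop).Length -eq 0) {
        throw "netsh nps export produced an empty file"
    }
} catch {
    # If this has failed, then we shouldn't continue with the sync.
    $sError = "Unable to backup NPS to: {0}"
    $sError = $sError -f $Backup
    Write-Error $sError
    exit 1
}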
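#
# Perform the restore.
#
# Copies the parent export to $Sync and imports it. On any failure the local
# backup is imported again as a rollback and the script exits with code 1.
# The IAS service is restarted exactly once, whether the restore succeeded or
# was rolled back.
#
# NOTE(review): the parent file is imported without any integrity or
# authenticity check, so whoever can write to the location of $Parent controls
# the RADIUS policies and client secrets of this server. Restrict write access
# to that location. $Sync is also left on disk after the import and may contain
# shared secrets.
$bFailed = $false
try {
    # The parent export must exist and be a file.
    if (!(Test-Path $Parent -PathType Leaf)) {
        $sError = "Unable to locate parent file: {0}"
        $sError = $sError -f $Parent
        throw $sError
    }

    # -ErrorAction Stop: a failed copy must abort the restore, otherwise a
    # stale or empty $Sync file would be imported.
    Copy-Item $Parent -Destination $Sync -Force -ErrorAction Stop

    # Perform the restore on the file
    netsh nps import filename="$Sync"

    # netsh reports failure through its exit code only.
    if ($LASTEXITCODE -ne 0) {
        $sError = "Unable to restore from directory: {0}"
        $sError = $sError -f $Sync
        throw $sError
    }
} catch {
    # Tell them there was an error
    Write-Error $_

    # Roll back to the configuration exported before the restore.
    Write-Warning "Performing rollback operation..."
    netsh nps import filename="$Backup"
    if ($LASTEXITCODE -ne 0) {
        Write-Error ("Rollback from {0} failed; the NPS configuration may be inconsistent." -f $Backup)
    }

    $bFailed = $true
} finally {
    # Restart the service so that it picks up the imported configuration.
    Restart-Service IAS -Force
}

# Exit only after the finally block has restarted the service.
if ($bFailed) {
    exit 1
}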