-
Notifications
You must be signed in to change notification settings - Fork 40
/
Backup-GroupPolicy.ps1
127 lines (91 loc) · 4.22 KB
/
Backup-GroupPolicy.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
Import-Module GroupPolicy
function Backup-GroupPolicy {
<#
.SYNOPSIS
Backs up all existing Group Policies to a folder
.DESCRIPTION
Backs up all group policies to a folder named after the current date. Each group policy is saved in
its own sub folder. The folder name will be the name of the group policy.
Folder Name Example:
--------------------
C:\GPBackup\2018-12-21\Default Domain Policy
.PARAMETER Path
Specifies the path where the backups will be saved. The path can be a local folder or a network based folder.
This is a required parameter. Do not end the path with a trailing slash. A slash at the end will cause an error!
Correct format:
c:\backups or \\server\share
Incorrect Format:
c:\Backups\ or \\server\share\
.PARAMETER Domain
Specifies the domain to look for Group Policies. This is auto populated with the domain info from the PC running
the cmdlet.
.PARAMETER Server
Specifies the Domain Controller to query for group Policies to backup
.EXAMPLE
Backup-GroupPolicy -path C:\Backup
Description:
This example creates a backup of the GPO's and saves them to the c:\backup folder.
Since no server was specified, the code will search for the nearest Domain Controller.
.EXAMPLE
Backup-GroupPolicy -path C:\Backup -Domain nwtraders.local -Server DC01
Description:
This example creates a backup of GPO's in the nwtraders.local domain to the C:\Backup folder.
The backups will be pulled from the DC named DC01.
.NOTES
Name : Backup-GroupPolicy.ps1
Author : Mike Kanakos
Version : 1.2.0
DateCreated: 2018-12-19
DateUpdated: 2019-01-25
.LINK
https://github.com/compwiz32/PowerShell
#>
[CmdletBinding(SupportsShouldProcess=$true)]
param (
[Parameter(Mandatory=$True,Position=0)]
[string]
$Path,
[Parameter()]
[string]
$Domain = (Get-ADDomainController).Domain,
# Specify aliases for the Server parameter and support tab completion for domain controller names.
[Parameter()]
[Alias("DomainController","DC")]
[ArgumentCompleter( {
param ( $commandName, $parameterName, $wordToComplete, $commandAst, $fakeBoundParameters )
$possibleValues = @{ Server = (Get-ADDomainController -Filter *).Hostname }
if ($fakeBoundParameters.ContainsKey('Type')) { $possibleValues[$fakeBoundParameters.Type] | Where-Object { $_ -like "$wordToComplete*" } }
else { $possibleValues.Values | ForEach-Object {$_} }
} )]
$Server
) #End of Parameter Declarations
begin {
# Get a domain controller if none was specified with by server parameter
If (-Not $Server) { $Server = (Get-ADDomainController).Hostname }
# Get current GPO information
$GPOInfo = Get-GPO -All -Domain $domain -Server $Server
#Create a date-based folder to save backup of group policies
$Date = Get-Date -UFormat "%Y-%m-%d"
$UpdatedPath = "$Path\$Date"
If (-Not (Test-Path $UpdatedPath)) { New-item $UpdatedPath -ItemType directory | Out-Null }
Write-Host "GPOs will be backed up to $UpdatedPath" -backgroundcolor white -foregroundColor red
} #end of begin block
process {
ForEach ($GPO in $GPOInfo) {
Write-Host "Backing up GPO named: " -foregroundColor Green -nonewline
Write-Host $GPO.Displayname -foregroundColor White
#Assign temp variables for various parts of GPO data
$BackupInfo = Backup-GPO -Name $($GPO.DisplayName) -Domain $Domain -path $UpdatedPath -Server $Server
$GpoBackupID = $BackupInfo.ID.Guid
$GpoGuid = $BackupInfo.GPOID.Guid
$GpoName = $BackupInfo.DisplayName
$CurrentFolderName = $UpdatedPath + "\" + "{"+ $GpoBackupID + "}"
$NewFolderName = $UpdatedPath + "\" + $GPOName + "___" + "{"+ $GpoBackupID + "}"
$ConsoleOutput = $GPOName + "___" + "{"+ $GpoBackupID + "}"
#rename the newly created GPO backup sub folder from it's GPO ID to GPO Displayname + GUID
rename-item $CurrentFolderName -newname $NewFolderName
} #end ForEach loop
} #end of process block
end {
} #End of End block
} #end of function