Janik von Rotz


2 min read

Backup Active Directory Group Policies with PowerShell

Based on my last Active Directory backup script I’ve developed a similar script to backup all group policies.

What it does:

<#
$Metadata = @{
    Title = "Backup Active Directory Group Policies"
    Filename = "Backup-ADGroupPolicies.ps1"
    Description = ""
    Tags = "backup, active, directory, group, object, policy"
    Project = ""
    Author = "Janik von Rotz"
    AuthorContact = "https://janikvonrotz.ch"
    CreateDate = "2014-04-22"
    LastEditDate = "2014-04-22
    Url = ""
    Version = "0.0.0"
    License = @'
This work is licensed under the Creative Commons Attribution-ShareAlike 3.0 Switzerland License.
To view a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/ch/ or 
send a letter to Creative Commons, 444 Castro Street, Suite 900, Mountain View, California, 94041, USA.
'@
}
#>

try{

    #--------------------------------------------------#
    # modules
    #--------------------------------------------------#
    
    Import-Module ActiveDirectory
    Import-Module GroupPolicy
    
    #--------------------------------------------------#
    # settings
    #--------------------------------------------------#

    $Path = "C:\backup\GroupPolicy"

    #--------------------------------------------------#
    # main
    #--------------------------------------------------#

    # create backup file name
    $Filename = "GroupPolicyFull" + "#" + $((Get-Date -Format s) -replace ":","-") + ".bak"
    $Filepath = Join-Path $Path $Filename

    # backup active directory
    Get-GPO -All | ForEach-Object{
    
        $GPOFilepath = Join-Path $Filepath $_.DisplayName    
        New-Item -Path $GPOFilepath -ItemType Directory
        Backup-GPO -Guid $_.ID -Path $GPOFilepath    
    }
    
    # get dates for backup retention exclusion
    $Today = Get-Date -Format d
    $FirstDateOfWeek = Get-Date (Get-Date).AddDays(-[int](Get-Date).Dayofweek) -Format d
    $FirstDateOfMonth = Get-Date -Day 1 -Format d

    # delete all backups except for today, first day of week and first day of month
    Get-ChildItem $Path | select *,@{L="CreationTimeDate";E={Get-Date $_.CreationTime -Format d}} | Group-Object CreationTimeDate | %{
        
        # only one backup per day
        if($_.Count -gt 1){
            
            $_.Group | Sort-Object CreationTime -Descending | Select-Object -Skip 1     
        }
                
        # keep only required backups
        $_.Group | Where-Object{$_.CreationTimeDate -ne $Today -and $_.CreationTimeDate -ne $FirstDateOfWeek -and $_.CreationTimeDate -ne $FirstDateOfMonth}
            
    } | Remove-Item -Recurse -Force
    
}catch{

    Write-PPErrorEventLog -Source "Backup ActiveDirectory Group Policies" -ClearErrorVariable
}

Latest version of this script: https://gist.github.com/11167763

Categories: scripting
Tags: backup , policy , powershell
Edit this page
Show statistic for this page