AD Backups in PowerShell

The vast majority of sources I checked while trying to re-work our existing backups use the same basic script that invokes wbadmin.exe to initiate an image of the server, but that isn't real PowerShell and just won't do. I more or less copied my code from the official docs for Start-WBBackup.

Note

This is a universal solution for any Windows Server, not just AD. I also use this to back up my CA (in addition to my file-based backup script).

I added a timer into my script because this tends to take a while, and if you see a large variation in the time you may be alerted to other issues you have in your infrastructure, which is nice.

Code

$log = 'C:\serverImage_backup.log'    
Start-Transcript $log        

#Requires -RunAsAdministrator

# --- Initializations --- #
# resolve relative to this script, not the caller's working directory
$sendMail = Join-Path $PSScriptRoot 'send-mail\send-mail.ps1'
If (Test-Path $sendMail) {
    . $sendMail
} Else {
    Throw "send-mail is missing"
}

# --- Declarations --- #
# user vars
$backupLocation = "\\dsk7\backups-smb\images\"

# make a timer
$timer = New-Object -TypeName System.Diagnostics.Stopwatch

# use an array to catch bad things and put it in our email
$failureArray = @()

# --- Functions --- #
Function mail {
    # stop must be here so that the file can be unlocked whenever we want to mail
    Stop-Transcript
    If ($failureArray.Count -gt 0) {
        $result = 'failure'
    } Else {
        $result = 'success'
    }
    # read the stopwatch directly; $time is not set yet when we are called from the Catch block
    send-mail -to 'user@contoso.com' -subject "Image Backup on $env:COMPUTERNAME $result" -body "Time: $($timer.Elapsed) Failures: $failureArray" -attachment $log
}

# --- Execution --- #
# create our backup policy
$policy = New-WBPolicy
Add-WBSystemState $policy
Add-WBBareMetalRecovery $Policy
Set-WBVssBackupOptions -Policy $policy -VssCopyBackup
$backupTarget = New-WBBackupTarget -NetworkPath $backupLocation
Add-WBBackupTarget -Policy $Policy -Target $backupTarget

# run it
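Try {
    $timer.Start()
    # -ErrorAction Stop turns non-terminating errors into terminating ones so Catch sees them
    Start-WBBackup -Policy $policy -ErrorAction Stop
} Catch {
    $failureArray += 'WBBackup failure'
    Write-Host $_
    mail
    Throw 'WBBackup failure'
}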
Finally {
    Get-WBSummary
    $timer.Stop()
    $time = $timer.Elapsed
}

# --- Ending Tasks --- #
mail

Note

This script utilizes my email script submodule.
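
The timer idea above can be turned into an actual check. The following is an added example, not part of the original script: it flags a run whose duration deviates from the median of recent runs and also reads the result code from Get-WBSummary, so a failure is reported even when no terminating error reaches the Catch block. The function name Test-BackupRun, the history file path, the window size and the 50% tolerance are assumptions.

```powershell
# Added example. Test-BackupRun, the history path, window and tolerance are assumptions.
function Test-BackupRun {
    param(
        [Parameter(Mandatory)] [timespan] $Elapsed,   # $timer.Elapsed from the backup script
        [Parameter(Mandatory)] $Summary,              # output of Get-WBSummary
        [string] $HistoryPath = 'C:\ProgramData\wbbackup-durations.csv',  # assumed location
        [double] $Tolerance = 0.5,                    # flag runs more than 50% off the median
        [int]    $Window = 10                         # number of previous runs to compare against
    )
    $problems = @()

    # A non-zero HRESULT means the last backup did not complete cleanly.
    if ($Summary.LastBackupResultHR -ne 0) {
        $problems += ('Last backup HRESULT 0x{0:X8}' -f $Summary.LastBackupResultHR)
    }
    # The most recent attempt should also be the most recent success.
    if ($Summary.LastSuccessfulBackupTime -lt $Summary.LastBackupTime) {
        $problems += "Last success ($($Summary.LastSuccessfulBackupTime)) predates the last attempt"
    }

    # Load the durations (in seconds) of the previous successful runs, sorted for the median.
    $history = @()
    if (Test-Path $HistoryPath) {
        $history = @(Import-Csv $HistoryPath | Select-Object -Last $Window |
            ForEach-Object { [double]$_.Seconds } | Sort-Object)
    }
    if ($history.Count -ge 3) {
        $mid = [int][math]::Floor($history.Count / 2)
        $median = if ($history.Count % 2) { $history[$mid] } else { ($history[$mid - 1] + $history[$mid]) / 2 }
        $ratio = $Elapsed.TotalSeconds / $median
        if ([math]::Abs($ratio - 1) -gt $Tolerance) {
            $problems += ('Duration {0:N0}s is {1:P0} of the recent median {2:N0}s' -f $Elapsed.TotalSeconds,
                $ratio, $median)
        }
    }

    # Record successful runs only, so aborted runs do not skew the baseline.
    if ($Summary.LastBackupResultHR -eq 0) {
        [pscustomobject]@{ Date = (Get-Date -Format s); Seconds = [int]$Elapsed.TotalSeconds } |
            Export-Csv $HistoryPath -Append -NoTypeInformation
    }
    return $problems
}

# In the backup script, after the Try/Catch/Finally block and before the final mail call:
# $failureArray += @(Test-BackupRun -Elapsed $timer.Elapsed -Summary (Get-WBSummary))
```

Anything the function returns lands in $failureArray, so the existing mail function reports it without further changes.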

Recovery

With Windows install media on a new VM or bare-metal

Note

You can do this recovery via a network share (easiest) or from files on a disk. If you have various network issues related to drivers or virtualization you will want to try it from files on a disk.

To get files onto a VM, mount a disk in a working VM and copy the files to it, then mount that disk in the recovering VM. You should put the WindowsImageBackup directory into the root of the disk you want to use for this.

Error 8007001F

I had this error when trying to do a GUI based network restore on my VMs. I tried VBox, Hyper-V and XCP-NG with the same error, regardless of path, name vs IP and networking method. I fell back to the CLI method listed here because of it.

Using GUI

  1. Boot up your install media and choose "Next"

  2. Do not choose "Install now", choose "Repair your computer" in the lower left

  3. Choose "Troubleshoot" then "System Image Recovery"

  4. On the next screen you will get a notice about having no backups, hit "Cancel" then "Next"

Note

If you do not get a notice then you likely have backups on a mounted disk. You can attempt to restore them and skip the rest of this document.

  5. Assuming we got the prompt in step 4, we will see a grid with no entries; choose "Advanced"

  6. Choose "Search for a system image on the network" and hit "yes" to initialize the network.

  7. You should see a prompt for a network path. The installer has no DNS, so we will use the IP of your NAS or share server and the path to the directory holding the "WindowsImageBackup" directory.

Note

The path should not include "WindowsImageBackup"; it should be one directory higher, which is the $backupLocation directory on line 17 of our backup script above.

Important

From this point on I had errors. You can continue to follow these docs if you are lucky enough not to have them.

Using CLI

I used CLI for my test recoveries, which is probably better to test anyway, due to errors listed above.

  1. Follow steps 1 and 2 above but instead of "System Image Recovery" in Step 3 choose "Command Prompt"
  2. Initialize your network with start /w wpeinit and then check for a valid IP with ipconfig

Important

If you have no IP you may need to look into side-loading drivers into your image. I have never done it so you will need to google that.

Note

If you need a static IP you can assign one with netsh interface ip set address "Interface Name" static <ipaddress> <subnet mask> <gateway>

  3. You can check for backups on your share with wbadmin get versions -backuptarget:\\<server_IP>\<share_name>. You will be prompted for credentials (if required, the username must be in the "DOMAIN\user" format).

Important

There may be no DNS in your install environment; I recommend just using an IP for the server address.

Note

If you have more than 1 server backed up to this directory you will be given a list of server names that are present. If you only have one server backed up to this location you will not see this screen and can skip to step 5.

  4. If you have more than one server returned we need to add -machine:<server name> onto our previous command.

  5. Now to do the actual recovery, you will need the "Version identifier:" from your CMD window, and we will use the following command: wbadmin start sysrecovery -machine:<server name> -version:<version> -backuptarget:\\<server_IP>\<share_name> -recreateDisks

Note

If you did not need -machine to get your list of backups you do not need it in the command above either.

Important

The -recreateDisks flag destroys all data on your local disks and replaces it with our backup. If you want to do another type of recovery please see the sysrecovery documentation.

Important

You cannot restore to a dissimilar firmware type, i.e. BIOS to UEFI or vice versa.

Note

The restoration will run for a while and print its status out periodically.

  6. When it is done you will get a summary of what is restored, then you can reboot the host and get back into Windows.

References

Backup scripts, ideas, and details

Docs on WBAdmin.exe

Docs on WindowsServerBackup PowerShell module

Docs on restoration/recovery