Sunday, March 3, 2013

Backup your Lync Enterprise 2013 Server to one zip file

As an architect, I will always try to convince customers to use the HA/DR (High Availability / Disaster Recovery) features built into Lync Server 2013. Still, there are those who for different reasons chooses not to install a fully HR/DR deployment (cost could be one of them). And for these customers, a sound backup is the only safety-net when it comes to DR. This is one of the reasons I have chosen to adapt the Lync 2010 backup script to Lync 2013.

Another good reason for this backup script, is for me as a consultant to make one real snap shot of how I left the deployment after completing a Lync project. If things go bad after a while, it is always good to have a reference of how things were when I left. I consider this backup as my own deep level documentation.

There is not much new in this script, except the changes made for 2013, as I posted back in http://tech.rundtomrundt.com/2012/09/back-up-your-lync-2013-preview-standard.html.

The new changes to look out for are these:

Transcript and Log:
As the output of this script is to much for most Powershell Console buffers, and it might be hard to spot thos errors, I have enabled a transcript of the entire session to a logfile. The location of this is a the root of c:\
#################################################################
#
# Logging how it's implemented, these lines are found throughout the script
#
#################################################################
$date = "{0:yyyy_MM_dd-HH_mm}" -f (get-date)
$logfile = "c:\Backup_run_" + $date +".log"
Start-Transcript -Path $logfile -Append

# All commands are run with -verbose to capture information

Write-Output ("Finished at: " + (Get-Date -format  yyyy-MM-dd-HH:mm:ss) + "A logfile has been created as " + $logfile);
Stop-Transcript

File rights issue during Backup
If you have read my recent posts on backup, you might remember the SQL backup job actually run as the service account which SQL is running on the remote SQL database server. And this account needs access to the share and folder where you try to do your backup to. If you are doing this to a folder with the "wrong" permissions, the SQL backup will fail. In my previous script, I added a share before backing up. With this script, I am also setting ACL's to the folder where i want to create the backup.

#################################################################
#
# I ran into some file rights issues when backing up the SQL
# Setting ACL on the target forlder of the SQL Backup
# Should not impose any security threat, as the share is removed in the end
#
#################################################################

$Acl = Get-Acl $filepath3
$Ar = New-Object  system.security.accesscontrol.filesystemaccessrule("Everyone","FullControl","ContainerInherit, ObjectInherit", "None","Allow")
$Acl.SetAccessRule($Ar)
Set-Acl $filepath3 $Acl

Toplology backup
I have also added a line to ensure you have a xml file which can be imported to a topology builder.

#################################################################
#
# Creating a backup of your topology as an XML file
#
#################################################################

(Get-CsTopology -AsXml).ToString() > $backupfile12 

Here's a summary of things you should know before you run this in your own lab:

- This script is for a Enterprise Edition Server.
- The script has only been tested in single site topology. I suspect adjustments must be made for deployments with more than one site (If anyone would do so, or let me have access to such a deployment, please let me know)
- This script has been tested with a co location of all databeses. If you require it to backup your Monitoring/archiving databases from seperate SQL servers, you must add these sources to the script.
- The script should be able to run without any modification or input, unless you want to use other paths than I have entered.
- The script must be run on a server where Lync PS is available.
- If the script must be run in a PS3 environment, and will load all nessecary modules automatically
- My script creates a directory C:\lyncbackup\, this may be edited if you like.
- Certificates will only be backed up if you allowed for this when requesting and creating certificates.
- Certificate backup is only done on the machine where the script is run
- The creation of the zipfile can take a while. The script finishes before the zipfile is finished (If anyone know how to wait for this task before quitting the script, please let me know).
- I highly recommend you test the script in your Lab, before running in your production environment

That's all for now. A copy of the script can be found here: https://dl.dropbox.com/u/22417188/Lync%20scripts/Backupscript%20-%20Enterprise%20EDT%20v2%20%28Lync%202013%29.ps1

As always, I appreciate comments and feedback :)