As an architect, I will always try to convince customers to use the HA/DR (High Availability / Disaster Recovery) features built into Lync Server 2013. Still, there are those who for different reasons chooses not to install a fully HR/DR deployment (cost could be one of them). And for these customers, a sound backup is the only safety-net when it comes to DR. This is one of the reasons I have chosen to adapt the Lync 2010 backup script to Lync 2013.
Another good reason for this backup script, is for me as a consultant to make one real snap shot of how I left the deployment after completing a Lync project. If things go bad after a while, it is always good to have a reference of how things were when I left. I consider this backup as my own deep level documentation.
There is not much new in this script, except the changes made for 2013, as I posted back in
http://tech.rundtomrundt.com/2012/09/back-up-your-lync-2013-preview-standard.html.
The new changes to look out for are these:
Transcript and Log:
As the output of this script is to much for most Powershell Console buffers, and it might be hard to spot thos errors, I have enabled a transcript of the entire session to a logfile. The location of this is a the root of c:\
#################################################################
#
# Logging how it's implemented, these lines are found throughout the script
#
#################################################################
$date = "{0:yyyy_MM_dd-HH_mm}" -f (get-date)
$logfile = "c:\Backup_run_" + $date +".log"
Start-Transcript -Path $logfile -Append
# All commands are run with -verbose to capture information
Write-Output ("Finished at: " + (Get-Date -format yyyy-MM-dd-HH:mm:ss) + "A logfile has been created as " + $logfile);
Stop-Transcript
File rights issue during Backup
If you have read my recent posts on backup, you might remember the SQL backup job actually run as the service account which SQL is running on the remote SQL database server. And this account needs access to the share and folder where you try to do your backup to. If you are doing this to a folder with the "wrong" permissions, the SQL backup will fail. In my previous script, I added a share before backing up. With this script, I am also setting ACL's to the folder where i want to create the backup.
#################################################################
#
# I ran into some file rights issues when backing up the SQL
# Setting ACL on the target forlder of the SQL Backup
# Should not impose any security threat, as the share is removed in the end
#
#################################################################
$Acl = Get-Acl $filepath3
$Ar = New-Object system.security.accesscontrol.filesystemaccessrule("Everyone","FullControl","ContainerInherit, ObjectInherit", "None","Allow")
$Acl.SetAccessRule($Ar)
Set-Acl $filepath3 $Acl
Toplology backup
I have also added a line to ensure you have a xml file which can be imported to a topology builder.
#################################################################
#
# Creating a backup of your topology as an XML file
#
#################################################################
(Get-CsTopology -AsXml).ToString() > $backupfile12
Here's a summary of things you should know before you run this in your own lab:
- This script is for a Enterprise Edition Server.
- The script has only been tested in single site topology. I suspect adjustments must be made for deployments with more than one site (If anyone would do so, or let me have access to such a deployment, please let me know)
- This script has been tested with a co location of all databeses. If you require it to backup your Monitoring/archiving databases from seperate SQL servers, you must add these sources to the script.
- The script should be able to run without any modification or input, unless you want to use other paths than I have entered.
- The script must be run on a server where Lync PS is available.
- If the script must be run in a PS3 environment, and will load all nessecary modules automatically
- My script creates a directory C:\lyncbackup\, this may be edited if you like.
- Certificates will only be backed up if you allowed for this when requesting and creating certificates.
- Certificate backup is only done on the machine where the script is run
- The creation of the zipfile can take a while. The script finishes before the zipfile is finished (If anyone know how to wait for this task before quitting the script, please let me know).
- I highly recommend you test the script in your Lab, before running in your production environment
That's all for now. A copy of the script can be found here:
https://dl.dropbox.com/u/22417188/Lync%20scripts/Backupscript%20-%20Enterprise%20EDT%20v2%20%28Lync%202013%29.ps1
As always, I appreciate comments and feedback :)
Comments
Can I use this script for Lync 2013 Standard edition ?
so i changed a few lines to this:
if ($SQLInstanceINST)
{$SqlPath="$SQLInstanceSRV\$SQLInstanceINST\Databases"}
else
{$SqlPath="$SQLInstanceSRV\Default\Databases"}
Then everything went smooth :)
thought you might like to know the script throws out some exceptions when run across a system with applications on legacy platforms e.g. OCS 2007 R2. in my case, I had the following warnings (just in case your might want to include a check and skip legacy apps):
Export-CsRgsConfiguration : Cannot bind parameter 'Source' to the target.
Exception setting "Source": "The service with ID
"BackCompatSite-ApplicationServer-1" is not a wave 15 Application Server
instance."
At C:\LyncBackup\Lync-backup.ps1:130 char:35
+ Export-CsRgsConfiguration -source ApplicationServer:$($AS.PoolFqdn)
-FileName $b ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : WriteError: (:) [Export-CsRgsConfiguration], Par
ameterBindingException
+ FullyQualifiedErrorId : ParameterBindingFailed,Microsoft.Rtc.Rgs.Managem
ent.ExportOcsRgConfigurationCmdlet
Directory: C:\lyncbackup\2013_10_03-14_08\Userdata
Mode LastWriteTime Length Name
---- ------------- ------ ----
d---- 10/3/2013 2:08 PM lyncpool01.domain.com
d---- 10/3/2013 2:08 PM ocsr2.domain.com
Export-CsUserData : Cannot find a service with role name "UserServices". Use
the topology builder to set the dependency for the service.
At C:\LyncBackup\Lync-backup.ps1:142 char:1
+ Export-CsUserData -PoolFqdn $($US.PoolFqdn) -FileName $backupfile13 -Verbose}
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (:) [Export-CsUserData], ItemNot
FoundException
+ FullyQualifiedErrorId : Cannot find a service with role name "UserServic
es". Use the topology builder to set the dependency for the service.,Micro
soft.Rtc.Management.BlobStore.ExportOcsUserStoreDataCmdlet
thought you might like to know the script throws out some exceptions when run across a system with applications on legacy platforms e.g. OCS 2007 R2. in my case, I had the following warnings (just in case your might want to include a check and skip legacy apps):
Export-CsRgsConfiguration : Cannot bind parameter 'Source' to the target.
Exception setting "Source": "The service with ID
"BackCompatSite-ApplicationServer-1" is not a wave 15 Application Server
instance."
At C:\LyncBackup\Lync-backup.ps1:130 char:35
+ Export-CsRgsConfiguration -source ApplicationServer:$($AS.PoolFqdn)
-FileName $b ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : WriteError: (:) [Export-CsRgsConfiguration], Par
ameterBindingException
+ FullyQualifiedErrorId : ParameterBindingFailed,Microsoft.Rtc.Rgs.Managem
ent.ExportOcsRgConfigurationCmdlet
Directory: C:\lyncbackup\2013_10_03-14_08\Userdata
Mode LastWriteTime Length Name
---- ------------- ------ ----
d---- 10/3/2013 2:08 PM lyncpool01.domain.com
d---- 10/3/2013 2:08 PM ocsr2.domain.com
Export-CsUserData : Cannot find a service with role name "UserServices". Use
the topology builder to set the dependency for the service.
At C:\LyncBackup\Lync-backup.ps1:142 char:1
+ Export-CsUserData -PoolFqdn $($US.PoolFqdn) -FileName $backupfile13 -Verbose}
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (:) [Export-CsUserData], ItemNot
FoundException
+ FullyQualifiedErrorId : Cannot find a service with role name "UserServic
es". Use the topology builder to set the dependency for the service.,Micro
soft.Rtc.Management.BlobStore.ExportOcsUserStoreDataCmdlet
Not to surprised as this is a 2013 backupscript, and I have not made adjustments for an OCS environment.
I might look into a test-let to verify the version before running the commands.