none
DHCP Server Backup from Powershell script RRS feed

  • Question

  • Hi,

    On my Windows Server 2012 I create powershell script to backup DHCP Server.

    Backup-DhcpServer -path "location"

    And I will compress it to zip file in the same script

    Add-Type -Assembly "System.IO.Compression.FileSystem" ;
    [System.IO.Compression.ZipFile]::CreateFromDirectory($zipsource, $ziptarget ) ;

    I add my script to Task Scheduler and run it on domain user (user to scripts and services) - with highest privileges.

    When Task Scheduler running task - they make backup(correct) and zip file, but zip file have 1kb size.

    When I check secuirty files form backup I saw my user haven't permission to files and they can't compress this to zip file.

    I try to use ACL in my script:

    $Acl = Get-Acl "location"
    
    $Ar = New-Object System.Security.AccessControl.FileSystemAccessRule("user", "FullControl", "Allow")
    
    $Acl.SetAccessRule($Ar)
    Set-Acl "location" $Acl

    But I get error:

    Set-Acl : The security identifier is not allowed to be the owner of this object.

    How can I compress backup files without use domain admin?

    Friday, August 2, 2019 9:47 AM

All replies

  • Hi,

    Thanks for your question.

    Maybe you can try to use "Compress-Archive" cmdlet to compress your backup file.

    backup-dhcpserver -path "c:\test\"
    Compress-Archive -path "C:\test\DhcpCfg" -DestinationPath "c:\test\test1\BACKUP.zip"

    https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.archive/compress-archive?view=powershell-6

    About the "set-acl" error, you can try to replace "get-acl".

    $Acl = (Get-Item $path).GetAccessControl('Access')
    
    $Ar = New-Object System.Security.AccessControl.FileSystemAccessRule("user", "FullControl", "Allow")
    
    $Acl.SetAccessRule($Ar)
    Set-Acl "location" $Acl

    https://stackoverflow.com/questions/6622124/why-does-set-acl-on-the-drive-root-try-to-set-ownership-of-the-object

    Best regards,

    Lee



    Just do it.

    Monday, August 5, 2019 9:41 AM
  • Thanks Lee for replies.

    When I update my powershell on server and when I use your commands it's works, but not completely...

    Permission was change on all files, but not at file without extensions(in backup files DHCP is was be one file without extensions).

    Acl doesn't work on files without extensions.

    I think is good idea was be add change name file with extensions before I use Acl and after change file name I will change to name without extensions. 

    How can I change file name to add to it extensions and next change file name to remove extensions from file with powershell?


    • Edited by dr Clays Tuesday, August 6, 2019 11:20 AM
    Tuesday, August 6, 2019 11:19 AM