问题
So I am backing up all the GPOs of a Domain Controller and I noticed that the way Backup-GPO cmdlet backs up the GPOS is so unfriendly. By default it creates a folder for every single GPO named after the "ID" which doesn't even match its "GPOID/GUID".
Here is an example, I will just backup a specific GPO:
backup-gpo -guid ff8de365-0842-46ab-9ac7-64ebd8dd4614 -path C:\
DisplayName : N12 Workstation Policy
GpoId : ff8de365-0842-46ab-9ac7-64ebd8dd4614
Id : dd33c220-bac8-4ebd-a9d9-7729fcea9c38
BackupDirectory : C:\
CreationTime : 20/10/2015 17:41:43
DomainName : martyn.local
This is the backup folder name that is created after issuing the previous command:
{DD33C220-BAC8-4EBD-A9D9-7729FCEA9C38}
If I try to Backup all the GPOs I get a folder for every single GPO. Is there any way of naming these folders basing on the GPO DisplayName rather than that unfriendly string?
This is what I would like to get:
N12 Workstation Policy
The reason why I want to do it like that is because if I want to re-import a single GPO in the future and I don't remember the name of the GPO how am I supposed to know which is the right GPO backup folder to import if I am using that awful name?
Thanks
回答1:
Backup each GPO to separate subfolders of your backup folder:
$invalidChars = ':\\/' + [RegEx]::Escape(-join [IO.Path]::InvalidPathChars)
$backupDir = 'C:\backup'
Get-GPO -All | ForEach-Object {
$name = $_.DisplayName -replace "[$invalidChars]", '_'
$gpoDir = Join-Path $backupDir -ChildPath $name
New-Item $gpoDir -Type Directory | Out-Null
Backup-GPO -Guid $_.Id -Path $gpoDir
}
The replacement is to remove characters that are invalid in a path from the name (the creation of the subfolder would fail if the name of the GPO contained for instance a >). As @briantist suggested in his comment it's better to derive the list of invalid characters from the respective IO.Path property than maintain the list by hand. You may need to manually add other problematic characters, though, specifically :. The colon is used for accessing alternate data streams, so it's technically a valid character in a path, but PowerShell doesn't support it.
来源:https://stackoverflow.com/questions/33255813/backup-gpos-basing-on-gpo-displayname-rather-than-id