我正在尝试保护我的备份免遭勒索软件攻击(在共享上使用不同的非域密码),我将以下脚本与 Veeam Backup & Replication 社区版本结合使用
如果存储位置是我的域安全的一部分,那么脚本就可以很好地工作。例如,我找不到为非域 NAS 添加凭据的地方,这可行吗?我正在尝试为我在刚果工作的某个非政府组织做同样的事情
# Author: Vladimir Eremin
# Contributor: Trinh Nguyen (www.dangtrinh.com)
#
##################################################################
# User Defined Variables
##################################################################
# Names of VMs to backup separated by comma (Mandatory). For instance, $VMNames = “VM1”,”VM2”
$VMNames =
# Name of vCenter or standalone host VMs to backup reside on (Mandatory)
$HostName =
# Directory that VM backups should go to (Mandatory; for instance, C:\Backup) - IS IT POSSIBLE TO ADD CREDENTIALS HERE ?!!
$Directory = "\\10.1.5.111\VM-Backup"
# Desired compression level (Optional; Possible values: 0 - None, 4 - Dedupe-friendly, 5 - Optimal, 6 - High, 9 - Extreme)
$CompressionLevel = "5"
# Quiesce VM when taking snapshot (Optional; VMware Tools are required; Possible values: $True/$False)
$EnableQuiescence = $True
# Protect resulting backup with encryption key (Optional; $True/$False)
$EnableEncryption = $False
# Encryption Key (Optional; path to a secure string)
$EncryptionKey = ""
# Retention settings (Optional; By default, VeeamZIP files are not removed and kept in the specified location for an indefinite period of time.
# Possible values: Never , Tonight, TomorrowNight, In3days, In1Week, In2Weeks, In1Month)
$Retention = "In1Week"
##################################################################
# Notification Settings
##################################################################
# Enable notification (Optional)
$EnableNotification = $False
# Email SMTP server
$SMTPServer = "smtp.gmail.com"
# Email SMTP port
$SMTPPort = "587"
# Email SMTP user
$SMTPUser = "[email protected]"
# Email SMTP password
$SMTPPasswd = "mygmailpasswrod"
# Email FROM
$EmailFrom = "[email protected]"
# Email TO
$EmailTo = "[email protected]", "[email protected]"
# Email subject
$EmailSubject = "VeeamZIP backup - My VMWare backups"
##################################################################
# Email formatting
##################################################################
$style = "<style>BODY{font-family: Arial; font-size: 10pt;}"
$style = $style + "TABLE{border: 1px solid black; border-collapse: collapse;}"
$style = $style + "TH{border: 1px solid black; background: #dddddd; padding: 5px; }"
$style = $style + "TD{border: 1px solid black; padding: 5px; }"
$style = $style + "</style>"
##################################################################
# End User Defined Variables
##################################################################
#################### DO NOT MODIFY PAST THIS LINE ################
Asnp VeeamPSSnapin
$Server = Get-VBRServer -name $HostName
$MesssagyBody = @()
foreach ($VMName in $VMNames)
{
$VM = Find-VBRHvEntity -Name $VMName -Server $Server
If ($EnableEncryption)
{
$EncryptionKey = Add-VBREncryptionKey -Password (cat $EncryptionKey | ConvertTo-SecureString)
$ZIPSession = Start-VBRZip -Entity $VM -Folder $Directory -Compression $CompressionLevel -DisableQuiesce:(!$EnableQuiescence) -AutoDelete $Retention -EncryptionKey $EncryptionKey
}
Else
{
$ZIPSession = Start-VBRZip -Entity $VM -Folder $Directory -Compression $CompressionLevel -DisableQuiesce:(!$EnableQuiescence) -AutoDelete $Retention
}
If ($EnableNotification)
{
$TaskSessions = $ZIPSession.GetTaskSessions().logger.getlog().updatedrecords
$FailedSessions = $TaskSessions | where {$_.status -eq "EWarning" -or $_.Status -eq "EFailed"}
if ($FailedSessions -ne $Null)
{
$MesssagyBody = $MesssagyBody + ($ZIPSession | Select-Object @{n="Name";e={($_.name).Substring(0, $_.name.LastIndexOf("("))}} ,@{n="Start Time";e={$_.CreationTime}},@{n="End Time";e={$_.EndTime}},Result,@{n="Details";e={$FailedSessions.Title}})
}
Else
{
$MesssagyBody = $MesssagyBody + ($ZIPSession | Select-Object @{n="Name";e={($_.name).Substring(0, $_.name.LastIndexOf("("))}} ,@{n="Start Time";e={$_.CreationTime}},@{n="End Time";e={$_.EndTime}},Result,@{n="Details";e={($TaskSessions | sort creationtime -Descending | select -first 1).Title}})
}
}
}
If ($EnableNotification)
{
# $Message = New-Object System.Net.Mail.MailMessage $EmailFrom, $EmailTo
# $Message.Subject = $EmailSubject
# $Message.IsBodyHTML = $True
# $message.Body = $MesssagyBody | ConvertTo-Html -head $style | Out-String
# $SMTP = New-Object Net.Mail.SmtpClient($SMTPServer)
# $SMTP.Send($Message)
$secpasswd = ConvertTo-SecureString $SMTPPasswd -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential ($SMTPUser, $secpasswd)
$MailSplat = @{
To = $EmailTo
From = $EmailFrom
Subject = $EmailSubject
Body = ($MesssagyBody | ConvertTo-Html -head $style | Out-String)
BodyAsHTML = $True
SMTPServer = $SMTPServer
port = $SMTPPort
Credential = $mycreds
}
Send-MailMessage @MailSplat -UseSsl
}
我如何添加以下内容
Add-VBRCredentials -Type Windows -User Administrator -Password "Password_1" -Description "Administrator Credentials"
Get-Credential | Add-VBRCredentials -Description "Administrator Credentials"
和这个 :
$vm = Find-VBRViEntity -Name "Tech"
$netcreds = Get-VBRCredentials -Name "Shared"
Start-VBRZip -Folder "D:\Repository\VeeamZIP" -Entity $vm -Compression 4 -DisableQuiesce -NetworkCredentials $netcreds -RunAsync