Cisco Meeting Server - Automatic Backups

Friday, May 19, 2017

The below steps can be followed to setup automatic backups of the Cisco Meeting Server (CMS) using a Windows host. For similar steps for Linux, refer to the Acano Knowledge Base article here. The first steps involve creating a CMS user that can be used for SSH & SFTP, and generation of a private/public key pair. Once those steps are done, using PowerShell you can automatically back up your CMS by utilising the Windows Scheduler.

Download putty.exe, puttygen.exe, psftp.exe, and plink.exe from here.
Using putty SSH to the CMS and create a new user for performing automatic backups. For this example, backupuser is the username for this purpose.

cms-automatic-backups-01

Open puttygen.exe, click Generate, you will need to move the mouse cursor around the Key area of the puttygen window.
Once the generation completes click Save private key.

cms-automatic-backups-02

In the Key area select all the text from ssh-rsa (inclusive) to ‘==’ (inclusive). E.g.

ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAq5Se1T6M9oZdDz4ugkTdzWGkijHRGKV6CRbK+9pW8CvZ2kX9/i4ZVHt7i9qCP7dUxEn670XBp1snmZzhlsLpiaLrSyMIVuyt/MtRIdyE6wL+zPW3kQrCDJfrV74uKioC81I1njKv1Fcc2iNxwZih+yzHJUZB+xHyqTOxiCH0M7DOrtEAjN//AXQd0xvWgyF4ZZBZrGnckl02bvswSbPtYlpqktpJgIMko2ghJC4DgN28tOBvDSfWSB3y8T5ovv90m2vOJuKPqLYUMKhF6d847br1dePsKr102qU85bawebDWFFIBR0NsWPXNNDPTDW+o9WP8Tn+lA1/msdZk7PrGXQ==

Using notepad paste this text onto a single line and save it as backupuser.pub, noting the filename matches the name of the user created earlier.
Using an SFTP client such as WinSCP, copy the backupuser.pub file to the CMS.

cms-automatic-backups-03

Using putty SSH to CMS, entering the host address in the format of @ as shown in the below. Before clicking Open, move to the next step.

cms-automatic-backups-04

Expand the Putty navigation and click Connection > SSH > Auth. Click Browse and select the private key saved earlier (with extension .ppk).

cms-automatic-backups-05

Click Open.
Enter a password for the user as prompted.

cms-automatic-backups-06

At this point, it is now possible to SSH to the CMS using the steps above without requiring the user’s password. The example PowerShell script below can now be used in concert with the Windows Task Scheduler to perform automatic backups of the CMS.

Example script:

<#
.SYNOPSIS
    This PowerShell script is used to backup CMS Servers.
.DESCRIPTION
    This PowerShell script is used to backup CMS Servers. It depends on plink.exe and 
  psftp.exe. It also needs appropriate CMS user configuration and public/private keys.
.LINK
    .
.NOTES
    .
.PARAMETER Path
    The path to the .
.PARAMETER LiteralPath
    Specifies a path to one or more locations. Unlike Path, the value of 
    LiteralPath is used exactly as it is typed. No characters are interpreted 
    as wildcards. If the path includes escape characters, enclose it in single
    quotation marks. Single quotation marks tell Windows PowerShell not to 
    interpret any characters as escape sequences.
#>

# Command line parameters
[CmdletBinding()]
Param(
    [Parameter(Mandatory=$True, HelpMessage="The CMS IP Address")]
        #The CMS IP Address
        [string]$ip_address,
    [Parameter(Mandatory=$True, HelpMessage="The CMS backup user name")]
        #The CMS backup user name
        [string]$user_name,
  [Parameter(Mandatory=$True, HelpMessage="The CMS backup users private key e.g. username.ppk")]
        #The CMS backup users private key e.g. username.ppk
        [string]$private_key,
  [Parameter(Mandatory=$True, HelpMessage="The plink.exe path")]
        #The plink.exe path
        [string]$PLINK,
  [Parameter(Mandatory=$True, HelpMessage="The psftp.exe path")]
        #The psftp.exe path
        [string]$PSFTP
)

$timstamp = Get-Date -UFormat "%Y%m%d"
$hostname = invoke-expression "$PLINK -ssh -i $private_key backupuser@$ip_address hostname"
$backup_filename = $timstamp + "_" + $hostname
$plink_command = "backup snapshot " + $backup_filename
$conn_string = $user_name + "@" + $ip_address

# Execute the PLINK backup snapshot command
Invoke-Expression "$PLINK -ssh -i $private_key $conn_string $plink_command"

# Construct the batch.txt in the working directory
$psftp_command = "mget " + $backup_filename + ".bak *.crt *.key *.lic"
$psftp_command | Out-File "batch.txt" -Encoding default

sleep -Seconds 2

# Execute PSFTP batch command
Invoke-Expression "$PSFTP -i $private_key -batch -b batch.txt $conn_string" 2> $null

# Remove the batch.txt file
rm "batch.txt"

Usage:

`1`	`PS C:\> .\CmsBackup.ps1 -ip_address 192.168.44.122 -user_name backupuser -private_key C:\backupuser.ppk -PLINK C:\plink.exe -PSFTP C:\psftp.exe`