Ever do something to a NetScaler, and want to roll back? Wouldn’t it be handy to have a text backup somewhere else to dig through this configuration, without having to unzip a full NetScaler backup file?
Well this script should do this for you. It will read through a text file and for every entry in the file it will connect to the NetScaler with a securely encoded password and download the ns.conf. Then it will rename this ns.conf file to the NetScaler name/IP along with the date stamp as to when the backup was created.
The second script will connect to the NetScalers over RestAPI instead of SFTP to get the running configuration that might not have been saved yet.
Saved NS config
# -----Netscaler Config collection tool
# Created by Jeff Riechers
# www.jeffriechers.com
#
# You will need to install powershell module POSH-SSH with the below command.
#
# install-module posh-ssh
#
# --Set Netscaler OS Creds--
#
# Generate a secure password file from the machine that will run the script, an example is show below. This just needs to be run once.
#
# "P@ssword1" | ConvertTo-SecureString -AsPlainText -Force | ConvertFrom-SecureString | Out-File "C:\Temp\Password.txt"
#
# Place that txt file where it can be securely accessed, and set that path and txt file name below.
# You will want to use the same account for each NetScaler. Limit the access to the NetScaler for read only.
# Make sure to limit access to this powershell script, so that no one adds anything malicious to this script.
# Once the script is tested and working for your environment, execute it as a scheduled task from the same machine that generated the secure password.txt file above.
$passwdpath = "\\server\share\"
$User = "nsroot"
$Password = Get-Content $passwdpath"password.txt" | ConvertTo-SecureString
$Credential = New-Object System.Management.Automation.PSCredential ($User, $Password)
# Create a single column list of all the NetScalers you wish to get the configuration from
# These entries can be either the NSIP of each NetScaler, or the SNIP for HA pairs
# They can be recorded as either the IP directly, or as a FQDN you have setup in DNS.
# The name entered will be what the configuration backup is named.
ForEach ($NetScalerIP in Get-Content \\server\share\netscalers.txt)
{
# File Storage location for ns.conf files
$LocalPath = "\\server\share\"
$DateStamp = get-date -uformat "%Y-%m-%d@%H-%M-%S"
#Connect to Netscaler, download ns.conf config, rename it to NetScaler entry with a date stamp. Then disconnect the SFTP session.
$SFTPSession = New-SFTPSession -ComputerName $NetScalerIP -Credential $Credential -AcceptKey
Get-SFTPItem -SessionId $SFTPSession.SessionID -Destination $LocalPath -Path /nsconfig/ns.conf
rename-item $LocalPath\ns.conf $NetScalerIP-$DateStamp
Remove-SFTPSession -SessionID $SFTPSession.SessionID
}Running Config
# -----Netscaler Running Config collection tool
# Created by Jeff Riechers
# www.jeffriechers.com
#
#
# --Set Netscaler OS Creds--
#
# Generate a secure password file from the machine that will run the script, an example is show below. This just needs to be run once.
#
# "P@ssword1" | ConvertTo-SecureString -AsPlainText -Force | ConvertFrom-SecureString | Out-File "C:\Temp\Password.txt"
#
# Place that txt file where it can be securely accessed, and set that path and txt file name below.
# You will want to use the same account for each NetScaler. Limit the access to the NetScaler for read only.
# Make sure to limit access to this powershell script, so that no one adds anything malicious to this script.
# Once the script is tested and working for your environment, execute it as a scheduled task from the same machine that generated the secure password.txt file above.
$passwdpath = "\\server\share\"
$User = "nsroot"
$Password = Get-Content $passwdpath"password.txt" | ConvertTo-SecureString
$Credential = New-Object System.Management.Automation.PSCredential ($User, $Password)
# Create a single column list of all the NetScalers you wish to get the configuration from
# These entries can be either the NSIP of each NetScaler, or the SNIP for HA pairs
# They can be recorded as either the IP directly, or as a FQDN you have setup in DNS.
# The name entered will be what the configuration backup is named.
ForEach ($NetScalerIP in Get-Content \\server\share\netscalers.txt)
{
# File Storage location for ns.conf files
$LocalPath = "\\server\share\"
$DateStamp = get-date -uformat "%Y-%m-%d@%H-%M-%S"
#Connect to Netscaler, download config, rename it to netscaler ip and date stamp. Then disconnect session.
$uri = "http://"+$NetScalerIP+"/nitro/v1/config/nsrunningconfig"
$result = (Invoke-RestMethod -Method Get -Uri $uri -Credential $Credential).nsrunningconfig.response | Out-File "$LocalPath\$NetScalerIP-$DateStamp.txt"
}