# Session 3 — 2026-03-07: Backup Setup + Quick Wins **Focus:** Priority 1 (backup/safety net) + quick remote fixes --- ## Pre-Session Checklist - [ ] Howard has Synology DSM credentials ready - [ ] ScreenConnect access to CS-SERVER confirmed - [ ] pfSense web UI accessible --- ## Step 1: Set Up Synology Active Backup for Business (~30 min) ### 1a. Install Active Backup for Business 1. Log into Synology DSM at `https://192.168.0.120:5001` 2. Open **Package Center** → search "Active Backup for Business" 3. Install (free with Synology, no license key needed) 4. Open Active Backup for Business from main menu ### 1b. Install ABB Agent on CS-SERVER Via ScreenConnect on CS-SERVER: 1. Open browser on CS-SERVER, go to `https://192.168.0.120:5001` 2. Log into DSM → Active Backup for Business → **Physical Server** tab 3. Click **Add Device** → download the Windows agent installer 4. Run installer on CS-SERVER — it will ask for: - Synology NAS address: `192.168.0.120` - DSM admin credentials 5. Once agent connects, CS-SERVER should appear in the device list ### 1c. Create Backup Task | Setting | Value | |---------|-------| | Source | CS-SERVER (entire machine — C: + D:) | | Destination | Synology Volume 1 | | Schedule | Daily at 2:00 AM | | Retention | 7 daily + 4 weekly | | Compression | Enabled | | Transfer encryption | Enabled | ### 1d. Storage Check BEFORE Running First Backup ```powershell # Run on CS-SERVER to get actual data sizes $cUsed = (Get-PSDrive C).Used / 1GB $dUsed = (Get-PSDrive D).Used / 1GB Write-Host "C: drive used: $([math]::Round($cUsed, 1)) GB" Write-Host "D: drive used: $([math]::Round($dUsed, 1)) GB" Write-Host "Total data: $([math]::Round($cUsed + $dUsed, 1)) GB" ``` **Storage concern:** Synology has ~540 GB free. CS-SERVER has ~137 GB on C: + ~455 GB on D: = ~592 GB total. First full backup may NOT fit if we include everything. **Options if space is tight:** - Exclude pagefile.sys, hiberfil.sys, temp folders (ABB usually does this automatically) - Exclude `C:\Windows\Temp`, `C:\Users\*\AppData\Local\Temp` - Back up D: only (has the critical data — shares, Roaming profiles) - Check if ABB uses dedup/compression (it does — expect 40-60% compression) ### 1e. Run First Backup 1. Click **Back Up Now** in the ABB console 2. Monitor progress — first full backup of ~460 GB over Gigabit LAN should take 1-2 hours 3. Verify backup starts successfully, note estimated completion time 4. Can continue with other steps while backup runs ### 1f. Verify - [ ] ABB agent installed and connected on CS-SERVER - [ ] Backup task created with correct schedule/retention - [ ] First backup started successfully - [ ] Estimated completion time noted: ____________ --- ## Step 2: Export pfSense Config XML (~2 min) 1. Open pfSense web UI → `https://192.168.0.1` 2. Navigate to **Diagnostics → Backup & Restore** 3. Click **Download configuration as XML** 4. Save file locally, then copy to CS-SERVER: ```powershell # On CS-SERVER, create the directory New-Item -Path "D:\Shares\IT\Backups\pfSense" -ItemType Directory -Force ``` 5. Upload the XML to `D:\Shares\IT\Backups\pfSense\pfsense-config-2026-03-07.xml` - [ ] pfSense XML saved to CS-SERVER --- ## Step 3: Export AD/DNS/Permissions Snapshots (~10 min) Run on CS-SERVER via ScreenConnect: ```powershell # Use the existing script Set-Location "D:\Shares\IT" # If script is available on the server: # .\phase0-export-configs.ps1 # Or run inline: $BackupRoot = "D:\Shares\IT\Backups" $Timestamp = Get-Date -Format "yyyy-MM-dd_HHmm" # Create directories "AD", "DNS", "Permissions", "GPO" | ForEach-Object { New-Item -Path "$BackupRoot\$_" -ItemType Directory -Force | Out-Null } # AD exports Import-Module ActiveDirectory Get-ADUser -Filter * -Properties * | Export-Csv "$BackupRoot\AD\users_$Timestamp.csv" -NoTypeInformation Get-ADComputer -Filter * -Properties * | Export-Csv "$BackupRoot\AD\computers_$Timestamp.csv" -NoTypeInformation Get-ADGroup -Filter * -Properties * | Export-Csv "$BackupRoot\AD\groups_$Timestamp.csv" -NoTypeInformation Get-ADGroupMember -Identity "Domain Admins" | Export-Csv "$BackupRoot\AD\domain-admins_$Timestamp.csv" -NoTypeInformation # DNS export Import-Module DnsServer Get-DnsServerResourceRecord -ZoneName "cascades.local" | Export-Csv "$BackupRoot\DNS\cascades-local-records_$Timestamp.csv" -NoTypeInformation Get-DnsServerZone | Export-Csv "$BackupRoot\DNS\zones_$Timestamp.csv" -NoTypeInformation # DNS forwarder check (also verifies item G) Get-DnsServerForwarder | Out-File "$BackupRoot\DNS\forwarders_$Timestamp.txt" Write-Host "--- DNS Forwarder Check (should show 192.168.0.1) ---" Get-DnsServerForwarder | Format-List # File share permissions Get-SmbShare | Export-Csv "$BackupRoot\Permissions\smb-shares_$Timestamp.csv" -NoTypeInformation Get-SmbShare | Where-Object { $_.Path -like "D:\*" } | ForEach-Object { Get-SmbShareAccess -Name $_.Name | Out-File "$BackupRoot\Permissions\$($_.Name)-access_$Timestamp.txt" } # GPO report Get-GPO -All | Export-Csv "$BackupRoot\AD\gpos_$Timestamp.csv" -NoTypeInformation Write-Host "`nAll exports saved to $BackupRoot" -ForegroundColor Green ``` - [ ] AD exports completed - [ ] DNS exports completed (including forwarder check) - [ ] Permissions exports completed - [ ] GPO report exported - [ ] DNS forwarder confirmed as 192.168.0.1 (item G): ____________ --- ## Step 4: Quick Remote Checks (~5 min) Run on CS-SERVER while backup is in progress: ```powershell # === DISK HEALTH CHECK === # Try Dell OpenManage CLI $omreport = "C:\Program Files\Dell\SysMgt\oma\bin\omreport.exe" if (Test-Path $omreport) { Write-Host "=== DISK HEALTH (OpenManage) ===" -ForegroundColor Cyan & $omreport storage pdisk controller=0 } else { Write-Host "[WARN] Dell OpenManage CLI not found at expected path" -ForegroundColor Yellow Write-Host "Try OpenManage web UI at https://192.168.2.254:1311" } # === UNKNOWN LISTENING PORTS === Write-Host "`n=== UNKNOWN PORT IDENTIFICATION ===" -ForegroundColor Cyan @(5504, 6783, 8019) | ForEach-Object { $port = $_ $conn = Get-NetTCPConnection -LocalPort $port -ErrorAction SilentlyContinue if ($conn) { $proc = Get-Process -Id $conn.OwningProcess -ErrorAction SilentlyContinue Write-Host "Port $port -> PID $($conn.OwningProcess) -> $($proc.ProcessName) ($($proc.Path))" -ForegroundColor Green } else { Write-Host "Port $port -> No active listener" -ForegroundColor Yellow } } # === IIS CHECK === Write-Host "`n=== IIS WEBSITES ===" -ForegroundColor Cyan try { Import-Module WebAdministration -ErrorAction Stop Get-Website | Format-Table Name, State, PhysicalPath, @{N='Bindings';E={$_.bindings.Collection.bindingInformation}} -AutoSize } catch { Write-Host "[WARN] WebAdministration module not available: $_" -ForegroundColor Yellow } # === SERVER UPTIME & GENERAL HEALTH === Write-Host "`n=== SERVER HEALTH ===" -ForegroundColor Cyan $os = Get-CimInstance Win32_OperatingSystem Write-Host "Uptime: $((Get-Date) - $os.LastBootUpTime)" Write-Host "Memory: $([math]::Round(($os.TotalVisibleMemorySize - $os.FreePhysicalMemory) / 1MB, 1)) GB used / $([math]::Round($os.TotalVisibleMemorySize / 1MB, 1)) GB total" Get-PSDrive C, D | ForEach-Object { Write-Host "$($_.Name): $([math]::Round($_.Used/1GB,1)) GB used / $([math]::Round(($_.Used+$_.Free)/1GB,1)) GB total ($([math]::Round($_.Free/1GB,1)) GB free)" } ``` Record results: - [ ] Disk health status: ____________ - [ ] Port 5504 is: ____________ - [ ] Port 6783 is: ____________ - [ ] Port 8019 is: ____________ - [ ] IIS serving: ____________ --- ## Step 5: Quick Fixes (if time permits, ~10 min) ### 5a. Fix Room 218 DHCP (Item H) pfSense UI → Services → DHCP Server → Room218 - Change **Range End** from `10.2.18.2` to `10.2.18.14` - Save → Apply Changes - [ ] Room 218 DHCP range fixed ### 5b. Delete Room 130 Firewall Rule (Item I) pfSense UI → Firewall → Rules → Room130 - Delete the disabled TCP PASS rule - Apply Changes - [ ] Room 130 dead rule deleted ### 5c. Set CS-SERVER Timezone (Item K) ```powershell # Check current timezone Get-TimeZone # Set to Arizona (UTC-07:00, no DST — matches pfSense) Set-TimeZone -Id "US Mountain Standard Time" # Verify Get-TimeZone # Should show: (UTC-07:00) Arizona ``` - [ ] CS-SERVER timezone set to Arizona --- ## Post-Session Summary ### Completed This Session - [ ] Synology Active Backup for Business installed and first backup running - [ ] pfSense config XML exported - [ ] AD/DNS/Permissions snapshots exported - [ ] DNS forwarder verified (item G) - [ ] Disk health checked - [ ] Unknown ports identified - [ ] IIS purpose documented - [ ] Room 218 DHCP fixed (item H) - [ ] Room 130 rule deleted (item I) - [ ] CS-SERVER timezone fixed (item K) ### Next Session Plan 1. Create firewall aliases (item D) — ~15 min 2. Replace INTERNAL firewall rules (item E) 3. Disable floating rule #4 + add room internet rule (item F) 4. Delete VLAN 10 from UniFi (item J) ### Information Gathered | Item | Finding | |------|---------| | DNS Forwarder | | | Disk Health | | | Port 5504 | | | Port 6783 | | | Port 8019 | | | IIS Purpose | | | Backup Status | | | Storage Remaining | |