mirror of
https://github.com/NexusOne23/noid-privacy.git
synced 2026-02-07 20:14:25 +01:00
69 lines
2.1 KiB
PowerShell
69 lines
2.1 KiB
PowerShell
<#
|
|
.SYNOPSIS
|
|
Restore audit policies from backup
|
|
|
|
.DESCRIPTION
|
|
Uses auditpol.exe to import audit policy configuration from backup CSV.
|
|
|
|
.PARAMETER BackupPath
|
|
Path to backup CSV file created by Backup-AuditPolicies
|
|
|
|
.OUTPUTS
|
|
PSCustomObject with restore status
|
|
|
|
.NOTES
|
|
Uses auditpol.exe /restore command
|
|
#>
|
|
|
|
function Restore-AuditPolicies {
|
|
[CmdletBinding()]
|
|
param(
|
|
[Parameter(Mandatory = $true)]
|
|
[string]$BackupPath
|
|
)
|
|
|
|
$result = [PSCustomObject]@{
|
|
Success = $false
|
|
Errors = @()
|
|
}
|
|
|
|
if (-not (Test-Path $BackupPath)) {
|
|
$result.Errors += "Backup file not found: $BackupPath"
|
|
return $result
|
|
}
|
|
|
|
try {
|
|
Write-Log -Level DEBUG -Message "Restoring audit policies from: $BackupPath" -Module "SecurityBaseline"
|
|
|
|
# Restore audit settings
|
|
$auditpolArgs = @(
|
|
"/restore",
|
|
"/file:`"$BackupPath`""
|
|
)
|
|
|
|
$process = Start-Process -FilePath "auditpol.exe" `
|
|
-ArgumentList $auditpolArgs `
|
|
-Wait `
|
|
-NoNewWindow `
|
|
-PassThru `
|
|
-RedirectStandardOutput (Join-Path $env:TEMP "auditpol_restore_stdout.txt") `
|
|
-RedirectStandardError (Join-Path $env:TEMP "auditpol_restore_stderr.txt")
|
|
|
|
if ($process.ExitCode -eq 0) {
|
|
$result.Success = $true
|
|
Write-Log -Level DEBUG -Message "Audit policies restored successfully" -Module "SecurityBaseline"
|
|
}
|
|
else {
|
|
$stderr = Get-Content (Join-Path $env:TEMP "auditpol_restore_stderr.txt") -Raw -ErrorAction SilentlyContinue
|
|
$result.Errors += "auditpol restore failed with exit code $($process.ExitCode): $stderr"
|
|
Write-Error "auditpol restore failed: $stderr"
|
|
}
|
|
|
|
}
|
|
catch {
|
|
$result.Errors += "Audit policies restore failed: $_"
|
|
Write-Error "Audit policies restore failed: $_"
|
|
}
|
|
|
|
return $result
|
|
}
|