The Verba PowerShell Deployment Toolkit simplifies the process of the Verba deployments and upgrades in large environments. The toolkit consists of two PowerShell files:

autoinstall.ps1 : Configurable PowerShell script for uninstalling, installing and upgrading Verba servers and components.
verba-*.psm1 : A PowerShell library which contains a collection of functions usable for Verba deployments. For the documentation of the functions see: Verba PowerShell Deployment Library

Preparations

Verba Prerequisites

The Verba PowerShell Deployment Toolkit does not install the prerequisites of the Verba services (Java, Visual C++, etc.) nor does the registration of the SfB/Lync Filter application in the SfB/Lync pool. These have to be done manually.

Deployment Toolkit Prerequisites

Make sure the x64 version of PowerShell (C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe) is being used!

On the machine where the Verba Powershell Deployment Toolkit will be started, the SqlServer Powershell module has to be installed. Do the following steps in order to install the module:

Step 1 - Download and install PowerShell 5.1. After the installation, restart the machine.

Step 2 - Open PowerShell as administrator.

Script execution policy

Script execution may be restricted in the domain. In order to remove the restriction, execute the following command:

Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope LocalMachine -Force

Step 3 - Execute the following command. This will set the security protocol being used at the subsequent commands when communicating through the internet.

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

Step 4 - Execute the following command. When asked, type in Yes and press enter to allow the operation. This will download the NuGet package provide provider, and registers it as the default repository for PowerShell modules.

Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force

Step 5 - Execute the following command. When asked, type in Yes and press enter to allow the operation. This will download the SqlServer module.

Install-Package -Name SqlServer -RequiredVersion 21.1.18235 -AllowClobber

Installing the SqlServer module without internet connection

The SqlServer module can be installed also without an internet connection. Do the same commands on another computer with an internet connection, then copy the C:\Program Files\WindowsPowerShell\Modules\SqlServer folder to the same folder on the computer without an internet conenction.

Group Memberships

The Windows User who runs the script (logged in to the server) must be added to the following local groups at all Verba servers.

Administrators
Remote Management Users

Database

If database mirroring is used, make sure that the primary database (based on the Verba configuration) is the principal!

Configuration

The Verba PowerShell Deployment Toolkit can be configured by editing the autoinstall.ps1 file. The configuration part can be found at the beginning of the file, between the "Configuration" and "End of configuration" lines (except the $Servers variable). Edit the values of the following variables:

Variable	Description	Example value
[string]$InstallerPath	A network folder that contains the Verba executables (VerbaRecording.msi, VerbaAdditionalRoles.msi). The network folder has to be accessible for the windows user which is used for running the script.	"\\storage\Verba\8.8\"
[string]$TempPath	The folder path for temporary files. This folder will be created on each server.	"C:\verba_install\"
[string]$AppPath	Verba installation directory.	"C:\Program Files\Verba\"
[bool]$Test	Tests the servers The script test the following: If the script can log into the server If the Verba prerequisites are installed If the server can reach the database server on port 1433 Is there enough disk space	$true
[bool]$Uninstall	Sets whether the script will uninstall the specified servers. The script removes the Verba software, the registry set and the files from the server. This setting is ignored when $Upgrade=$true is used.	$false
[bool]$Install	Installs the Verba application on the servers. This setting is ignored when $Upgrade=$true is used.	$false
[bool]$BackupConfiguration	Backups the list of the activated services and the registry from the servers. The filenames going to be the hostnames of the servers. If the files already exist, the filename going to end with .bak. This setting is ignored when $Upgrade=$true is used.	$false
[bool]$RestoreConfiguration	Restores the list of the activated services and the registry from the files named with the corresponding server hostnames. This setting is ignored when $Upgrade=$true is used.	$false
[bool]$Upgrade	Sets whether the script will upgrade the specified servers. The upgrade involves the following process: Backups the existing configuration in the registry and the list of activated Verba services. Uninstalls the current Verba software. Installs the new version using the executables specified at the $path value. Restores the previously saved configuration (registry). Activates and starts the Verba services based on the previous configuration. If turned on, then the $Uninstall, $Install, $Backupconfiguration and $Restoreconfiguration values will be ignored.	$false
[bool]$KeepLogs	Sets whether the script should remove the log folder in case of uninstalling or upgrading.	$false
[bool]$ResetAPIPassword	Set to $true if you want to reset the API user's password. It is recommended when you are upgrading from 8.x.	$false
[bool]$RemoveLegacyCertificateSettings	Set to $true if you want to delete old legacy certificate settings from the profiles. It is recommended when you are upgrading from 8.x.	$false
[bool]$SkipNodeRegistrationCheck	Set $true if you want to skip the node registration check, so the script will register the Servers with NETBIOS name by default. It is recommended if you are upgrading from 8.x.	$false
[bool]$UpdateIMFormat	Set to $true if you want to update the old IM schema in the database. It is recommended when you are upgrading from 8.x. Depending on the amount of recordings, this process can take a while.	$false
[string]$APIUsername	Verba API username.	"verbaapi"
[string]$APIPassword	Verba API password.	"P@ssw0rd"
[string]$AdministratorUsername	Verba Administrator username.	"administrator"
[string]$AdministratorPassword	Verba Administrator password.	"P@ssw0rd"
[string]$SSLCertificateSubject	The subject of the SSL certificate generated for the Web Application. The script will generate a self-signed certificate with this subject.	"testmr1.verbatest.local"
[int]$StartupType	The startup type of the Verba services: 0: Disabled 1: Manual 2: Automatic 3: AutomaticDelayed	2
[string]$ServiceUsername	The Windows domain account used as a service account in the case of the Verba SfB/Lync Filter installation.	"contoso\verba-service"
[string]$ServicePassword	The password of the Windows domain account.	"P@ssw0rd"
[string]$DatabaseHost	The hostname of the server where the Verba database hosted.	"SQLSERVER"
[string]$DatabaseName	The name of the Verba database.	"Verba"
[bool]$SQLAuth	Sets whether SQL Authentication will be used for the SQL connection. If set to 0, then Windows authentication will be used for the SQL connection.	$true
[string]$DatabaseUsername	Username for the SQL connection. If the $sqlAuth setting is set to 1, then a SQL user has to be provided. If the $sqlAuth setting is set to 0, then a Windows domain user has to be provided in "domain\user" format.	"verba-user"
[string]$DatabasePassword	The password of the SQL connection.	"P@ssw0rd"
[bool]$MultiSubnetFailover	Set to $true, if Always-On database is being used with Multi-Subnet Failover.	$false
[bool]$DBPartitioning	Set to $true, if you want to turn on database partitioning. This improves the performance in the case of large databases.	$true
[bool]$EncryptedPasswords	#Set to $true, if you are providing the passwords ($APIPassword, $AdministratorPassword, $ServicePassword, $DatabasePassword, and -SSLCertificatePassword at the $Servers) in encrypted format	$false
[bool]$EnableCloudMode	Experimental feature. Sets whether cloud mode will be used for the Node Manager	$false
[string]$MRPoolName	Experimental feature. The Media Repository pool name.	"testmr1"
[int]$MRPortNumber	Experimental feature. The port used at the Media Repository for the incoming registration requests.	4432
[string]$TokenPassword	Experimental feature. The password of the registration token.	"P@ssw0rd"

Server configuration

The servers can be configured not at the beginning of the script, but below, at line 133. The $Servers variable is an array of VerbaServer objects. New items can be added with the New-VerbaServer command. The command parameters are the following:

Parameter	Description	Mandatory	Example value
-FQDN	The FQDN, hostname, or IP address of the server to install.	Yes	"verbars.contoso.local"
-Role	The Verba server role to install. Accepted values: Combo, MR, RS, LF, LFRC, RC, AS, SS	Yes	Combo
-UseLegacyAPI	Switch parameter. If present, the legacy, less secure connection will be used between the Verba services (Verba 8.x and older).	Yes, if the -UseAdvancedAPI parameter is not present
-UseAdvancedAPI	Switch parameter. If present, the new, certificate-based connection will be used between the Verba services (Verba 9.0 and later). If present, either the -ServerCertThumbprint or the -GenerateCertificates parameter is mandatory.	Yes, if the -UseLegacyAPI parameter is not present
-ServerCertThumbprint	The thumbprint of the server certificate that will be used for the connection between the Verba services. The certificate must be in the Windows Certificate Store.	Yes, if the -GenerateCertificates parameter is not present	"a909502dd82ae41433e6f83886b00d4277a32a7b"
-GenerateCertificates	Switch parameter. If present, the script will generate certificates. If present, either the -CA or the -CAFQDN parameter is mandatory.	Yes, if the -ServerCertThumbprint parameter is not present
-CA	Switch parameter. If present, the script will generate a self-signed certificate for CA certificate, and a server certificate using this CA certificate.	Yes, if the -GenerateCertificates is present, and the -CAFQDN parameter is not present
-CAFQDN	The FQDN of the Verba MR or Combo server that acts as a CA. The script will request a server certificate from this server.	Yes, if the -GenerateCertificates is present, and the -CA parameter is not present	"verbamr.contoso.local"
-SSLCertificatePath	Path to the .crt file that will be used as an SSL certificate by the Verba Web Application. The file must exist at the given location. In order to generate this file from .pfx or .p12 file, see: Installing an SSL certificate for HTTPS access	Yes, if the -Role parameter is set to MR or Combo, and the -GenerateSSLCertificate parameter is not present	"C:\certs\verba.crt"
-SSLCertificateKeyPath	Path to the .key file that will be used as an SSL certificate by the Verba Web Application. The file must exist at the given location. In order to generate this file from .pfx or .p12 file, see: Installing an SSL certificate for HTTPS access	Yes, if the -Role parameter is set to MR or Combo, and the -GenerateSSLCertificate parameter is not present	"C:\certs\verba.key"
-SSLCertificatePassword	The password of the .key file.	Yes, if the -Role parameter is set to MR or Combo, and the -GenerateSSLCertificate parameter is not present	"P@ssw0rd"
-GenerateSSLCertificate	Switch parameter. If present, the script will generate a self-signed SSL certificate for the Web Application. If present, the -SSLCertificateRequest parameter is mandatory.	Yes, if the -Role parameter is set to MR or Combo, and none of the following parameters are present: -SSLCertificatePath, -SSLCertificateKeyPath, -SSLCertificatePassword
-SSLCertificateRequest	Certificate request object for the SSL certificate that will be used for the Web Application.	Yes, if the -GenerateSSLCertificate parameter is present	$sslCertificate
-LocalIP	Local IP configuration for the server. If not provided, the IP address of the first NIC will be used. If provided, then the given IP address will be used. It is also possible to provide a partial IP address as a wildcard with the asterisk symbol. In this case, the script will check the IP addresses of the NICs, and the first one will be used that is matching the provided wildcard. If none of the IP addresses are matching to the wildcard, then the first NIC IP will be used.	No	"192.168.1.1" "192.*"

Examples:

Install server with legacy configuration (Verba 8.x) without Advanced API, and self-signed SSL certificate
$servers = @(
(New-VerbaServer -FQDN "verbamr.contoso.local" -Role MR -UseLegacyAPI -GenerateSSLCertificate -SSLCertificateRequest $sslCertificate),
(New-VerbaServer -FQDN "verbars.contoso.local" -Role RS -UseLegacyAPI)
}

Install server with legacy configuration (Verba 8.x) without Advanced API, and 3rd party SSL certificate
$servers = @(
(New-VerbaServer -FQDN "verbamr.contoso.local" -Role MR -UseLegacyAPI -SSLCertificatePath "C:\certs\verba.crt" -SSLCertificateKeyPath "C:\certs\verba.key" -SSLCertificatePassword "P@ssw0rd"),
(New-VerbaServer -FQDN "verbars.contoso.local" -Role RS -UseLegacyAPI)
}

Install Verba 9.x with Verba self-signed CA generated server certificates, and self-signed SSL certificate
$servers = @(
(New-VerbaServer -FQDN "verbamr.contoso.local" -Role MR -UseAdvancedAPI -GenerateCertificates -CA -GenerateSSLCertificate -SSLCertificateRequest $sslCertificate),
(New-VerbaServer -FQDN "verbars.contoso.local" -Role RS -UseAdvancedAPI -GenerateCertificates -CAFQDN "verbamr.contoso.local"),
)

Install Verba 9.x with existing server certificates and existing SSL certificates
$servers = @(
(New-VerbaServer -FQDN "verbamr.contoso.local" -Role MR -UseAdvancedAPI -ServerCertThumbprint "7E3C477D6A308ADAAE1AA9E2C5AE8BE0744A6BD1" -SSLCertificatePath "C:\certs\verba.crt" -SSLCertificateKeyPath "C:\certs\verba.key" -SSLCertificatePassword "P@ssw0rd"),
(New-VerbaServer -FQDN "verbars.contoso.local" -Role RS -UseAdvancedAPI -ServerCertThumbprint "7E3C477D6A308ADAAE1AA9E2C5AE8BE0744A6BD1"),
)

When the configuration is done, the script can be started.

Running the Deployment Toolkit

In order to run the Deployment Toolkit, start the autoinstall.ps1 script with an administrator PowerShell.

Running the Deployment Toolkit using Command Line Parameters

Instead of providing the settings by modifying the autoinstall.ps1 file, the setting values can be also provided directly using command line parameters. If a parameter is not provided, the script will use the default values within the file.

The following example shows how to start the script using command line parameters:

$p = Get-Location
Import-Module -Name "$($p.Path)\Verba-Deployment-Toolkit.psm1"

$sslCertificate = New-VerbaCertificateRequest -Subject "verbamr.contoso.local"

$servers = @(
(New-VerbaServer -FQDN "verbamr.contoso.local" -Role MR -UseAdvancedAPI -GenerateCertificates -CA -GenerateSSLCertificate -SSLCertificateRequest $sslCertificate),
(New-VerbaServer -FQDN "verbars.contoso.local" -Role RS -UseAdvancedAPI -GenerateCertificates -CAFQDN "verbamr.contoso.local"),
)

.\autoinstall.ps1 -InstallerPath "\\255.255.255.255\Releases" -TempPath "C:\verba_temp" -AppPath "C:\Program Files\Verba" -Test $true -Uninstall $false -Install $false -BackupConfiguration $false -RestoreConfiguration $false -Upgrade $false -KeepLogs $false -ResetAPIPassword $false -RemoveLegacyCertificateSettings $false -APIUsername "verbaapi" -APIPassword "P@ssw0rd" -AdministratorUsername "administrator" -AdministratorPassword "P@ssw0rd" -SSLCertificateSubject "testmr1.verbatest.local" -SkipNodeRegistrationCheck $false -Servers $servers -StartupType 2 -ServiceUsername "contoso\verba-service" -ServicePassword "P@ssw0rd" -DatabaseHost "SQLSERVER" -DatabaseName "Verba" -SQLAuth $true -DatabaseUsername "verba-user" -DatabasePassword "P@ssw0rd"