Windows Server 2012 R2 Best Practices Analyzer

Did you know that the BPA is build-in in windows server 2012. In the old days you need to download al the BPA

http://www.microsoft.com/en-us/download/details.aspx?id=15556

But now in 2012 the BPA is build-in this is a great feature but did you know this I see al lot of items and some IT admins did not know the BPA feature. You can check the BPA in PowerShell or in the GUI

The gui verson:

Go to the service manager and check local server  ( this is my test demo server so plenty of errors here )

image     image

Click on task and click the BPA scan. and the output will be a NIC listing of config items.

image

 

 

 

PowerShell

But there is more did you know you can do this with PowerShell. Find the BPA Models are available Get-BpaModel | Select Id

image

 

 

 

 

 

 

 

Id

Microsoft/Windows/ADRMS
Microsoft/Windows/CertificateServices
Microsoft/Windows/DHCPServer
Microsoft/Windows/DirectoryServices
Microsoft/Windows/DNSServer
Microsoft/Windows/FederationServices
Microsoft/Windows/FileServices
Microsoft/Windows/Hyper-V
Microsoft/Windows/LightweightDirectoryServices
Microsoft/Windows/NPAS
Microsoft/Windows/RemoteAccessServer
Microsoft/Windows/TerminalServices
Microsoft/Windows/UpdateServices
Microsoft/Windows/VolumeActivation
Microsoft/Windows/WebServer

SO all these models can be run on your server build-in easy and quick some scans are quick and some take a little time.

Invoke-BpaModel Microsoft/Windows/WebServer

image

 

 

 

View a summary of the BPA results by Severity

Get-BpaResult Microsoft/Windows/DNSServer| Group Severity

image

 

 

 

 

 

 

 

View the details for all results with “Warning” severity level :

Get-BpaResult Microsoft/Windows/DNSServer| ? Severity -eq “Warning”

image

 

 

 

 

 

 

and if you want to exclude items

Set-BPAResult -IdSpecified Model Id-Exclude $true

These are just samples on how to start more options are available. Yes easy if you know all the Command lets. It is not that hard to start

get-comand *bpa*

image

 

 

 

these are all the commands you can use for BPA.

Cmdlet          Get-BpaModel                                      BestPractices
Cmdlet          Get-BpaResult                                      BestPractices
Cmdlet          Invoke-BpaModel                                 BestPractices
Cmdlet          Set-BpaResult                                      BestPractices

But what about remote computer ? Easy enter:

Enter-PSSession Yourcomputer -Credential administrator

the line is change now and will start with the server you used.

[mvpdc01]: PS C:\Users\Administrator.000\Documents> Get-BpaModel

It's only fair to share...Tweet about this on TwitterShare on LinkedIn0Share on Google+0Share on Facebook0

Leave a Comment