Sign in with Microsoft
Sign in or create an account.
Hello,
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.

Introduction

This article describes an update that adds new best practices to Windows Server Solutions Best Practices Analyzer 1.0.

Windows Server Solutions Best Practices Analyzer 1.0 (Windows Server Solutions BPA) is a diagnostic tool that is built on the Microsoft Baseline Configuration Analyzer (MBCA) technology. Windows Server Solutions BPA scans a computer that is running one of the following operating systems, and compares the existing server settings to a predefined set of recommended best practices:

  • Windows Small Business Server 2011 Standard

  • Windows Small Business Server 2011 Essentials

  • Windows Storage Server 2008 R2 Essentials

  • Windows Multipoint Server 2011

Windows Server Solutions BPA performs the following tasks:

  • Collects information about a server

  • Determines whether the server settings comply with a set of best practices that are recommended by Microsoft

  • Provides a report of the scan results (the report identifies differences between the server settings and the recommended best practices)

  • Identifies conditions that may cause problems with the server

  • Recommends solutions to potential problems

Update information

How to obtain this update

To obtain this update, run Windows Server Solutions Best Practice Analyzer 1.0.

Prerequisites

To apply this update, you must be running one of the following operating systems:

  • Windows Small Business Server 2011 Standard

  • Windows Small Business Server 2011 Essentials

  • Windows Storage Server 2008 R2 Essentials

  • Windows Multipoint Server 2011 Standard

  • Windows Multipoint Server 2011 Premium

Additionally, you must have Windows Server Solutions Best Practices Analyzer 1.0 installed.

Registry information

To use the update in this package, you do not have to make any changes to the registry.

Restart requirement

You do not have to restart the computer after you apply this update.

Update replacement information

This update does not replace a previously released update.

New best practices

After you install this update, the Windows Server Solutions BPA performs the following checks:

click here to expand the list 

  1. Checks whether the application pool for Remote Web Access uses the default account

  2. Checks whether the application pool for Remote Web Access uses the default version of the .NET Framework

  3. Checks whether the application pool for Remote Web Access uses the default Managed Pipeline Mode

  4. Checks whether the application pool for Remote Web Access uses the default bit version

  5. Checks whether the built-in Administrators group has the "Log on as a batch job" user right

  6. Checks whether the Windows Firewall is enabled

  7. Checks whether the DNS host (A) resource record points to the correct IP address

  8. Checks whether the internal network adapter is configured to register the IP address of the network adapter in DNS

  9. Checks whether the values of the DNS ForwardingTimeout registry key and the RecursionTimeout registry key are identical

  10. Checks whether the extension mechanisms for DNS (EDNS) is enabled

  11. Checks whether the forward DNS zone of your Active Directory domain allows for secure updates

  12. Checks whether the forward DNS zone allows for secure updates

  13. Checks whether Internet Explorer Enhanced Security Configuration is enabled for the Administrators group

  14. Checks whether Internet Explorer Enhanced Security Configuration is enabled for the Users group

  15. Checks whether the source server is in the Active Directory Sites and Services snap-in

  16. Checks whether the source server is in the SBSComputer organizational unit (OU)

  17. Checks whether the MaxCacheTTL DNS parameter is not set

  18. Checks whether a Windows Small Business Server (Windows SBS) Group Policy is missing

  19. Checks whether there are DNS name server resource records in the forward lookup zone

  20. Checks whether there are DNS name server records in the _msdcs zone

  21. Checks whether there are DNS name server records for the delegated _msdcs forward lookup zone.

  22. Checks whether Windows SBS is the Domain Naming Master (if Windows SBS is the Domain Naming Master, you will receive a confirmation message)

  23. Checks whether Windows SBS is the Infrastructure Master (if Windows SBS is the Infrastructure Master, you will receive a confirmation message)

  24. Checks whether Windows SBS is the Primary Domain Controller Master (if Windows SBS is the Primary Domain Controller Master, you will receive a confirmation message)

  25. Checks whether the Authenticated Users group is a member of the Pre-Windows 2000 Compatible Access group

  26. Checks whether Windows SBS is the Relative ID (RID) Master (if Windows SBS is the RID Master, you will receive a confirmation message)

  27. Checks whether the DNS client is configured correctly

  28. Checks whether Windows SBS is the Schema Master (if Windows SBS is the Schema Master, you will receive a confirmation message)

  29. Checks whether the value of the RootVeer registry entry for the .NET Framework is correct

  30. Checks whether the server cannot ping

  31. Checks whether the value of the Remote Desktop Protocol (RDP) port is the default value

  32. Checks whether the value of the SysvolReady registry key is correct

  33. Checks whether the Sysvol folder is shared

  34. Checks whether the free disk space is very low

  35. Checks whether the value of the default Application Pool is changed

  36. Checks whether the Certification Authority name may cause errors

  37. Checks whether the value of the OriginalMachineName(90) registry key is correct

  38. Checks whether the value of the OriginalMachineName(100) registry key is correct

  39. Checks whether the version of Exchange Server 2010 is the release version

  40. Checks whether Windows SBS is in a journal wrap condition

  41. Checks whether the external remote procedure call (RPC) authentication is not set to the default method

  42. Checks whether the internal RPC authentication is not set to the default method

  43. Checks whether the version of Windows Server 2008 R2 is the release version

  44. Checks whether Simple Mail Transfer Protocol (SMTP) is installed

  45. Checks whether there are empty Servers containers

  46. Checks whether the accepted domain for Exchange is not the default domain

  47. Checks whether the application pool for SharePoint uses the default account

  48. Checks whether the application pool for SharePoint uses the default version of the .NET Framework

  49. Checks whether the application pool for SharePoint uses the default Managed Pipeline Mode

  50. Checks whether the application pool for SharePoint uses the default bit version

  51. Checks whether the application pool for PowerShell uses the default account

  52. Checks whether the application pool for PowerShell uses the default version of the .NET Framework

  53. Checks whether the application pool for PowerShell uses the default Managed Pipeline Mode

  54. Checks whether the application pool for PowerShell uses the default bit version

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:

824684 Description of the standard terminology that is used to describe Microsoft software updates

Facebook LinkedIn Email
SUBSCRIBE RSS FEEDS

Need more help?

Want more options?

Discover Community

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Microsoft 365 subscription benefits

Microsoft 365 training

Microsoft security

Accessibility center

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Ask the Microsoft Community

Microsoft Tech Community

Windows Insiders

Microsoft 365 Insiders

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!

×