What is in the SBS BPA?

The SBS Best Practices Analyzer (BPA) is a tool that collects information about your server and analyzes this information to produce a report on how you can configure the server to perform better. It is not a comprehensive 100% check of the entire system. It checkes your server against a specific set of configuration rules and reports when these rules are not properly followed.

A write up about the BPA can be found here – http://blogs.technet.com/b/sbs/archive/2011/04/08/introducing-the-windows-server-solutions-bpa.aspx

The following is a list of checks that the BPA does for SBS 2011 (from http://blogs.technet.com/b/sbs/archive/2011/04/25/windows-server-solutions-bpa-checklist.aspx)

Small Business Server 2011 Standard Edition

Checks the following service’s start mode:

  • DNS Client – DNSClientStartModeSection
  • DHCP Client – DHCPClientStartModeSection
  • IIS Admin Service – IISAdminStartModeSection
  • Remote Registry – RemoteRegistryStartModeSection
  • Remote Desktop Gateway – TSGatestartModeSection
  • Windows Update – AutoUpdatestartModeSection
  • Distributed Transaction Coordinator – DTCStartModeSection
  • Netlogon – NetlogonStartModeSection
  • DNS Server – DNSServerStartModeSection
  • Windows SBS Manager – SBSMgrstartModeSection

Checks that the following services are started:

  • DNS Client – DNSClientStartedSection
  • Windows Update – AutoUpdatesStartedSection
  • DHCP Client – DHCPClientStartedSection
  • IIS Admin Service – IISAdminStartedSection
  • World Wide Web Publishing Service – W3SVCStartedSection
  • Remote Registry – RemoteRegStartedSection
  • Remote Desktop Gateway – TSGateStartedSection
  • Windows Time – W32TimeStartedSection
  • Distributed Transaction Coordinator – DTCStartedSection
  • Netlogon – NetlogonStartedSection
  • DNS Server – DNSServerStartedSection
  • Windows SBS Manager – SBSmgrStartedSection

Checks the following service’s logon account:

  • DNS Client – DNSClientStartNameSection
  • Windows Update – AutoUpdatesStartNameSection
  • DHCP Client – DHCPClientStartNameSection
  • World Wide Web Publishing Service – W3SVCStartNameSection
  • Remote Desktop Gateway – TSGatewayStartNameSection
  • Windows Time – W32TimeStartNameSection
  • Distributed Transaction Coordinator – DTCStartNameSection
  • Netlogon – NetlogonStartNameSection
  • DNS Server – DNSServerStartNameSection
  • Windows SBS Manager – SBSMgrStartNameSection

Other Checks:

  • SKUsFoundSection – Returns the Operating System Platform name
  • PingDefGtwySection – Checks to see if the server is not able to ping the default gateway
  • PingDefGtwyOKSection – Checks to see if the server is able to ping the default gateway
  • Check2IPsSection – Checks to see if there are multiple IP addresses on the network card
  • IPFilteringSection – Checks to see if IP Filtering is enabled
  • HyperVSection – Checks to see if the Hyper-V role is installed
  • IPv6Section – Check to see if IPv6 appears to be improperly disabled
  • KernelAuthEnabledSection – Check to see if Kernel Mode Authentication is enabled in the applicationhost.config for IIS

Small Business Server 2011 Essentials

Checks the following service’s start mode:

  • DNS Client – DNSClientStartModeSection
  • DHCP Client – DHCPClientStartModeSection
  • IIS Admin Service – IISAdminStartModeSection
  • World Wide Web Publishing Service – W3SVCStartModeSection
  • Remote Registry – RemoteRegistryStartModeSection
  • Remote Desktop Gateway – TSGatestartModeSection
  • Windows Time – W32TimestartModeSection
  • Windows Update – AutoUpdatestartModeSection
  • Distributed Transaction Coordinator – DTCStartModeSection
  • Netlogon – NetlogonStartModeSection
  • DNS Server – DNSServerStartModeSection

Checks that the following services are started:

  • DNS Client – DNSClientStartedSection
  • Windows Update – AutoUpdatesStartedSection
  • DHCP Client – DHCPClientStartedSection
  • IIS Admin Service – IISAdminStartedSection
  • World Wide Web Publishing Service – W3SVCStartedSection
  • Remote Registry – RemoteRegStartedSection
  • Remote Desktop Gateway – TSGateStartedSection
  • Windows Time – W32TimeStartedSection
  • Distributed Transaction Coordinator – DTCStartedSection
  • Netlogon – NetlogonStartedSection
  • DNS Server – DNSServerStartedSection

Checks the following service’s logon account:

  • DNS Client – DNSClientStartNameSection
  • Windows Update – AutoUpdatesStartNameSection
  • DHCP Client – DHCPClientStartNameSection
  • IIS Admin Service – IISAdminStartNameSection
  • World Wide Web Publishing Service – W3SVCStartNameSection
  • Remote Desktop Gateway – TSGatewayStartNameSection
  • Windows Time – W32TimeStartNameSection
  • Distributed Transaction Coordinator – DTCStartNameSection
  • Netlogon – NetlogonStartNameSection
  • DNS Server – DNSServerStartNameSection

Other Checks:

  • SKUsFoundSection – Returns the Operating System Platform name
  • PingDefGtwySection – Checks to see if the server is not able to ping the default gateway
  • PingDefGtwyOKSection – Checks to see if the server is able to ping the default gateway
  • Check2IPsSection – Checks to see if there are multiple IP addresses on the network card
  • IPFilteringSection – Checks to see if IP Filtering is enabled
  • HyperVSection – Checks to see if the Hyper-V role is installed

Windows Storage Server 2008 R2 Essentials

Checks the following service’s start mode:

  • DNS Client – DNSClientStartModeSection
  • DHCP Client – DHCPClientStartModeSection
  • IIS Admin Service – IISAdminStartModeSection
  • World Wide Web Publishing Service – W3SVCStartModeSection
  • Remote Registry – RemoteRegistryStartModeSection
  • Remote Desktop Gateway – TSGatestartModeSection
  • Windows Time – W32TimestartModeSection
  • Windows Update – AutoUpdatestartModeSection

Checks that the following services are started:

  • DNS Client – DNSClientStartedSection
  • Windows Update – AutoUpdatesStartedSection
  • DHCP Client – DHCPClientStartedSection
  • IIS Admin Service – IISAdminStartedSection
  • World Wide Web Publishing Service – W3SVCStartedSection
  • Remote Registry – RemoteRegStartedSection
  • Remote Desktop Gateway – TSGateStartedSection
  • Windows Time – W32TimeStartedSection

Checks the following service’s logon account:

  • DNS Client – DNSClientStartNameSection
  • Windows Update – AutoUpdatesStartNameSection
  • DHCP Client – DHCPClientStartNameSection
  • IIS Admin Service – IISAdminStartNameSection
  • World Wide Web Publishing Service – W3SVCStartNameSection
  • Remote Desktop Gateway – TSGatewayStartNameSection
  • Windows Time – W32TimeStartNameSection

Other Checks:

  • PingDefGtwySection – Checks to see if the server is not able to ping the default gateway
  • PingDefGtwyOKSection – Checks to see if the server is able to ping the default gateway

Windows MultiPoint Server 2011

Checks the following service’s start mode:

  • Windows MultiPoint Server Host Service – WMSSvcStartModeSection

Checks that the following services are started:

  • Windows MultiPoint Server Host Service – WMSSvcStartedSection
  • Remote Desktop Services – TermServiceStartedSection

Checks the following service’s logon account:

  • Windows MultiPoint Server Host Service – WMSSvcStartNameSection

Other Checks:

  • SRCShellAccountExistsSection – Verifies the SRCShell local account exist

You can also find the BPA for all versions of SBS from here – www.sbsbpa.com

Leave a Reply

Your email address will not be published. Required fields are marked *

Solve the Equation to continue * Time limit is exhausted. Please reload CAPTCHA.