Working With the Exchange Best Practices Analyzer
Up until about a year or two ago, Exchange Server routinely enjoyed a reputation as being the most complicated product that Microsoft makes. In recent years, Exchange Server hasn’t gotten any easier, it’s just that Microsoft has created other products such as Office Communications Server that are more complicated than Exchange. Given the complexity of Exchange Server, it can be tricky to install it in a way that offers the best possible performance and scalability. Even if you have done your due diligence and installed Exchange Server according to all of Microsoft’s best practices guidelines, is still possible that you may not have an optimal installation. The reason for this is that Microsoft routinely updates their best practices for Exchange. Something that is considered to be a best practice today may very well be considered to be a bad practice tomorrow.
That being the case, I think that it is important to periodically compare your Exchange Server organization against Microsoft’s current list of best practices. Fortunately, this is not as difficult to achieve as it sounds. Microsoft offers a free utility called the Microsoft Exchange Best Practices Analyzer that you can use to perform the comparison. In this article, I will show you how.
Downloading the Exchange Best Practices Analyzer
The Microsoft Exchange Best Practices Analyzer (ExBPA) is freely available for download from Microsoft’s website. You can install this utility on either a server or on a workstation. It does not have to be installed directly onto an Exchange Server. Before you download and install the utility though, you will have to install version 1.1 of the .net Framework. I would also recommend installing the service pack for the framework.
One additional component that you will need to install is the IIS common files. The actual installation method varies considerably depending on which version of Windows that you are using. In any case though, the necessary files are included with the Windows operating system, and are fairly simple to install.
Once you have the necessary components in place, you can download the Exchange Best Practices Analyzer (ExBPA).
One thing to keep in mind is that just as Microsoft recommended best practices for Exchange Server routinely change, so too does the ExBPA. Although version 2.8 is the current version, I recommend that you always check for a newer version prior to running the ExBPA.
Using the Microsoft Exchange Best Practices Analyzer
Once the installation process is complete, it’s time to actually analyze your Exchange Server organization. As I mentioned before, the ExBPA does not have to be installed directly on an Exchange Server. The reason for this is that Exchange Server stores the majority of its configuration information in the Active Directory database. The ExBPA pulls information from the Active Directory, the IIS Metabase, and various other sources in order to determine how your Exchange Server organization is configured.
When you initially launch the ExBPA, the first thing that you see a screen asking you if you want to check for updates. Because Microsoft does frequently change the recommended best practices, I do recommend checking for updates every time that you run the ExBPA.
When you’re done checking for updates, you’ll be taken to the Welcome screen. This screen gives you the option of either selecting options for a new scan, or of viewing the results from a previous scan. Go ahead and choose the option to select options for a new scan.
At this point, you will be prompted to connect to an Active Directory server. To do so, click the Connect to the Active Directory Server link. Believe it or not, you won’t actually be prompted to enter the name of a domain controller. Instead, the ExBPA will scan your network, and automatically locate your domain controllers and your Exchange servers. When the scanning process is complete, you will be taken to a screen similar to the one that is shown in Figure A. As you can see in the figure, the screen gives you the option of choosing which type of skin you want to perform, and which servers you want to run the scan against.
Figure A You must choose the type of scan that you want to perform, and the Exchange servers that you want to run the scan against.
As you can see in the figure above, there are quite a few different types of scans that you can perform. In part two of this article series, I will explain the difference between these various types of scans, and show you how to view the scan results.
In this article, I have explained that because Microsoft frequently changes there recommended best practices for Exchange Server, it is a good idea to periodically run the Microsoft Exchange Best Practices Analyzer against your Exchange Server organization.
Got a question? Post it on our Exchange Server Forums!
More in Exchange Server
M365 Changelog: Get-AdvancedThreatProtectionDocumentReport and Get-AdvancedThreatProtectionDocumentDetail to be retired
May 24, 2022 | Petri Staff
M365 Changelog: (Updated) Microsoft Defender for Office 365: Updates to URL Protection Report
May 24, 2022 | Petri Staff
M365 Changelog: Safe Links Global Settings Migrated to Custom Policies
May 20, 2022 | Petri Staff
Microsoft to Ship Some Exchange Server Security Updates in .EXE Packages
May 11, 2022 | Rabia Noureen
M365 Changelog: Exchange Transport Rule Report moving to the new Exchange Admin Center (EAC) from the Security and Compliance Center
Apr 22, 2022 | Petri Staff
Hive Ransomware Group Attacks Vulnerable Microsoft Exchange Servers
Apr 22, 2022 | Rabia Noureen
Most popular on petri