Working With the Exchange Best Practices Analyzer

Up until about a year or two ago, Exchange Server routinely enjoyed a reputation as being the most complicated product that Microsoft makes. In recent years, Exchange Server hasn’t gotten any easier, it’s just that Microsoft has created other products such as Office Communications Server that are more complicated than Exchange. Given the complexity of Exchange Server, it can be tricky to install it in a way that offers the best possible performance and scalability. Even if you have done your due diligence and installed Exchange Server according to all of Microsoft’s best practices guidelines, is still possible that you may not have an optimal installation. The reason for this is that Microsoft routinely updates their best practices for Exchange. Something that is considered to be a best practice today may very well be considered to be a bad practice tomorrow.

That being the case, I think that it is important to periodically compare your Exchange Server organization against Microsoft’s current list of best practices. Fortunately, this is not as difficult to achieve as it sounds. Microsoft offers a free utility called the Microsoft Exchange Best Practices Analyzer that you can use to perform the comparison. In this article, I will show you how.

Downloading the Exchange Best Practices Analyzer

The Microsoft Exchange Best Practices Analyzer (ExBPA) is freely available for download from Microsoft’s website. You can install this utility on either a server or on a workstation. It does not have to be installed directly onto an Exchange Server. Before you download and install the utility though, you will have to install version 1.1 of the .net Framework. I would also recommend installing the service pack for the framework.

[Note: .NET Framework 1.1 is no longer supported on modern Windows versions such as Windows 10, Windows 11, or Windows Server 2019/2022.]

One additional component that you will need to install is the IIS common files. The actual installation method varies considerably depending on which version of Windows that you are using.

[Note: In modern Windows versions such as Windows 10, Windows 11, and Windows Server 2016/2019/2022, IIS components can be added via “Turn Windows features on or off” or through Server Manager.]

In any case though, the necessary files are included with the Windows operating system, and are fairly simple to install.

Once you have the necessary components in place, you can download the Exchange Best Practices Analyzer (ExBPA).

[Note: ExBPA is deprecated and not supported for Exchange Server 2013 or newer. For Exchange 2013, 2016, and 2019, consider using the Exchange Server Health Checker or ExchangeAnalyzer PowerShell tool.]

One thing to keep in mind is that just as Microsoft recommended best practices for Exchange Server routinely change, so too does the ExBPA. Although version 2.8 is the current version, I recommend that you always check for a newer version prior to running the ExBPA.

[Note: Version 2.8 is the final release; ExBPA is no longer maintained by Microsoft.].

Using the Microsoft Exchange Best Practices Analyzer

Once the installation process is complete, it’s time to actually analyze your Exchange Server organization. As I mentioned before, the ExBPA does not have to be installed directly on an Exchange Server. The reason for this is that Exchange Server stores the majority of its configuration information in the Active Directory database. The ExBPA pulls information from the Active Directory, the IIS Metabase, and various other sources in order to determine how your Exchange Server organization is configured.

When you initially launch the ExBPA, the first thing that you see a screen asking you if you want to check for updates. Because Microsoft does frequently change the recommended best practices, I do recommend checking for updates every time that you run the ExBPA.

[Note: Update functionality may no longer work due to the tool being retired.]

When you’re done checking for updates, you’ll be taken to the Welcome screen. This screen gives you the option of either selecting options for a new scan, or of viewing the results from a previous scan. Go ahead and choose the option to select options for a new scan.

At this point, you will be prompted to connect to an Active Directory server. To do so, click the Connect to the Active Directory Server link. Believe it or not, you won’t actually be prompted to enter the name of a domain controller. Instead, the ExBPA will scan your network, and automatically locate your domain controllers and your Exchange servers. When the scanning process is complete, you will be taken to a screen similar to the one that is shown in Figure A. As you can see in the figure, the screen gives you the option of choosing which type of skin you want to perform, and which servers you want to run the scan against.

[Note: Automatic discovery of domain controllers may not function correctly in modern environments due to outdated protocols.]

Figure A You must choose the type of scan that you want to perform, and the Exchange servers that you want to run the scan against.

As you can see in the figure above, there are quite a few different types of scans that you can perform. In part two of this article series, I will explain the difference between these various types of scans, and show you how to view the scan results.

Conclusion

In this article, I have explained that because Microsoft frequently changes there recommended best practices for Exchange Server, it is a good idea to periodically run the Microsoft Exchange Best Practices Analyzer against your Exchange Server organization.

[Note: For Exchange Server 2013 and newer, ExBPA is no longer supported. Use Exchange Server Health Checker or ExchangeAnalyzer scripts for modern best practices validation.]

Got a question? Post it on our Exchange Server Forums!

FAQs

How does Microsoft Exchange Server handle disaster recovery and backup solutions?

Microsoft Exchange Server provides comprehensive disaster recovery options including database availability groups (DAG), continuous replication technology, and built-in backup APIs. It supports various backup methods such as full, incremental, and differential backups, ensuring business continuity and data protection.

What are the hardware requirements for running Microsoft Exchange Server 2022?

Microsoft Exchange Server 2022 requires a minimum of 128GB RAM, multi-core processors, and dedicated storage systems with specific IOPS requirements. The exact specifications depend on your organization’s size and expected workload.

Can Microsoft Exchange Server integrate with cloud services?

Yes, Microsoft Exchange Server offers hybrid deployment options, allowing seamless integration with Microsoft 365 and other cloud services. This enables organizations to maintain on-premises control while leveraging cloud capabilities.

What security features are included in the latest Microsoft Exchange Server version?

The latest Microsoft Exchange Server includes advanced security features such as transport rules encryption, multi-factor authentication, anti-malware protection, and enhanced auditing capabilities to protect against modern cybersecurity threats.

How does Microsoft Exchange Server handle mobile device management?

Microsoft Exchange Server provides comprehensive mobile device management through ActiveSync policies, allowing administrators to enforce security policies, remote wipe capabilities, and control access to corporate email on various mobile platforms.