Powershell - Using the Windows Server Best Practice Analyzer
To support me, you can subscribe to the channel, share and like the videos, disable your ad blocker or make a donation. Thank you!
Hello,
The Best Practices Analyzer (BPA) is a tool built into Windows Server that checks whether certain configurations (mainly roles) comply with best practices.
It can be interesting to check, for the best practices available, whether you comply with them.
These best practices do not have to be respected it is up to you to judge, if in your context, they seem relevant to you.
In this article, I show you how to use the Windows Server Best Practice Analyzer in PowerShell
# List available BPA.Get-BPAModel | Select-Object -Property Name,Id, LastScanTime# But a few more are listed as followsGet-WindowsFeature | Where-Object {$_.BestPracticesModelId -ne ''} | Select-Object -Property name,BestPracticesModelId
# Run an analysis using the ID# If the role/functionality is not installed on the server, you will get an errorInvoke-BpaModel -ModelID 'Microsoft/Windows/DirectoryServices
# Run an analysis of all the BPAs for which the role is installed on the workstationGet-WindowsFeature | Where-Object {($_.BestPracticesModelId -ne '') -and ($_.'InstallState' -eq 'installed')} | Invoke-BpaModel
# Display the result of the analysisGet-BpaResult -ModelID Microsoft/Windows/DirectoryServices | Where-Object Resolution -ne $null | Select-Object -Property severity, Problem, Resolution,help
# Display results classified as errors or warningsGet-BpaResult -ModelId 'Microsoft/Windows/DirectoryServices' | Where-Object { $_.severity -match 'warning|error' }
# Display the result of the analysis in an interactive tableGet-BpaResult -ModelID Microsoft/Windows/DirectoryServices | Where-Object Resolution -ne $null | Out-GridView
# Export results as CSVGet-BpaResult -ModelID Microsoft/Windows/DirectoryServices | Where-Object Resolution -ne $null | Export-Csv -path c:\bpa_results.csv
# Export results in htmlGet-BpaResult -ModelID Microsoft/Windows/DirectoryServices | Where-Object Resolution -ne $null | ConvertTo-Html > c:\bpa_results.html
# Exclude results# Exclusion will only make elements invisible in the graphical interface (in the server manager).# You need to filter the rules you wish to excludeGet-BPAResult -ModelID Microsoft/Windows/DirectoryServices | Where-Object { $_.RuleID -eq 44} |Set-BPAResult -Exclude $true# Another exampleGet-BPAResult -ModelID Microsoft/Windows/DirectoryServices | Where-Object { $_.Severity -eq "Information"} | Set-BPAResult -Exclude $true
# Remove the exclusionGet-BPAResult -ModelID Microsoft/Windows/DirectoryServices | Where-Object { $_.RuleID -eq 44} | Set-BPAResult -Exclude $false# Another exampleGet-BPAResult -ModelID Microsoft/Windows/DirectoryServices | Where-Object { $_.Severity -eq "Information"} | Set-BPAResult -Exclude $falseRelated links
Powershell - Compress-Archive and Expand-Archive to create and extract ZIP archives
Powershell, through the Microsoft.PowerShell.Archive module, allows us to create, update and extract ZIP archivesPowershell - Export-Csv versus Export-Clixml
Powershell - Export-Csv versus Export-Clixml, or the limits of Export-CsvPowershell - Overview of Where-Object basic syntax and its limitations
Powershell - Overview of Where-Object basic syntax and its limitationsPowershell - Hyper-V - Give a custom name to a virtual network adapter
Hyper-V defaults to naming virtual machine NICs as network adapters. This can make it difficult to identify their usage, but this problem can be solved with Powershell which allows you to change the name of virtual network adapters.Powershell - How to add and view a GPO description
How to add and view a GPO description in PowershellPowershell - Displaying and changing the power mode in Windows
How to display and modify the power mode in Windows with Powershell
Follow me on
Support me
Last content
Powershell - Compress-Archive and Expand-Archive to create and extract ZIP archives
Powershell - Export-Csv versus Export-Clixml
Powershell - Overview of Where-Object basic syntax and its limitations
Powershell - Hyper-V - Give a custom name to a virtual network adapter
Powershell - How to add and view a GPO description
Powershell - Displaying and changing the power mode in Windows
Powershell - Adding a line to a file from a specific line
Windows 11 - how to organise your Start menu