Logo
CAR REVIEW
Windows Vista
Windows 7
Windows Azure
Windows Server
Windows Phone
PREGNANCY
 
 
Windows Server

Windows Server 2008 R2 : Analyze Server Roles (part 2) - Use PowerShell with the Best Practices Analyzer

6/17/2011 11:50:21 AM

3. Use PowerShell with the Best Practices Analyzer

The BPA tools also have full PowerShell cmdlet support. You can accomplish the BPA tasks in PowerShell as well. The BPA PowerShell cmdlets are also built in to the server and do not require any additional tools or packages to be installed to use them. The PowerShell tools also provide you with the additional capability to run BPA scans of multiple roles at one time.

To be able to run the BPA PowerShell commands, you need to load both the Server Manager PowerShell module and the Best Practices Analyzer module. You can either load them separately or run Windows PowerShell modules.

  1. Load the Windows PowerShell modules by selecting Start => Administrative Tools and clicking Windows PowerShell Modules.

  2. To load the modules separately, after you have opened an administrative PowerShell session, run the following procedure below. If you do not run the BPA commands from an administrative window, you may see a message similar to Figure 6 reminding you to run the command in an administrative window.

Figure 6. BPA administrator required

Follow these actions, referenced previously in Step 2:

  1. Open administrative PowerShell by selecting Start => All Programs => Accessories => Windows PowerShell.

  2. Right-click Windows PowerShell, and select Run As Administrator.

  3. If prompted by User Account Control, click Yes.

  4. From the PowerShell prompt, type the following, and then hit Enter:

    Import-Module ServerManager

  5. From the PowerShell prompt, type the following, and then hit Enter:

    Import-Module BestPractices

There are really four commands you will need to learn, as shown in Table 2.

Table 2. BPA PowerShell Commands
CommandUsage
Get-BPAModelThis command will allow you to view the roles installed on the server where you can run BPA scans; this tool will also show you when the last scan on a particular role was created.
Get-BPAResultThis command will allow you to view the results for any given BPA scan you have performed.
Invoke-BPAModelThis command will allow you to run a BPA scan on your server for a particular role you want to scan.
Set-BPAResultThis command allows you to filter the BPA report from the Get-BPAResult command to allow you to see only the information you want to view in the report.

3.1. BPA PowerShell Examples

To determine which roles are currently installed on the server that you can run a BPA scan against, or to see if a BPA scan has been run, you can use the following command:

Get-BPAModel

You will see results similar to Figure 7.

Figure 7. Get-BPAModel sample results

The important part of the Get-BPAModel command are the model IDs displayed in the results. The model IDs are used in the other BPA commands to perform designated tasks. Currently there are only five IDs you can use to support the five roles currently leveraging the BPA; they're listed in Table 3.

Table 3. BPA Role IDS
BPA Role IDRole
Microsoft/Windows/CertificateServicesActive Directory Certification Services (AD CS)
Microsoft/Windows/DirectoryServicesActive Directory Domain Services (AD DS)
Microsoft/Windows/DNSServerDNS
Microsoft/Windows/TerminalServicesRemote Desktop Services (RDS)
Microsoft/Windows/WebServerInternet Information Services (IIS)

To scan the Internet Information Services role on your server, run the following command:

Invoke-BPAModel -id Microsoft/Windows/WebServer

To scan all the roles currently supported by the BPA tool, you could run the following command on your Windows Server 2008 R2 server:

Get-BPAModel | Invoke-BPAModel

To view the BPA report for the Internet Information Services BPA scan, run the following command, and you will see results similar to Figure 8:

Get-BPAResult -id Microsoft/Windows/WebServer

Figure 8. Get-BPAResult sample results

Although you can view the results in the PowerShell window, remember that you can always view the results in the Server Manager interface regardless of where you ran the scan from (the GUI or PowerShell). So if you want to view the full report, we recommend using the Server Manager interface. If you want to filter results, you can do this in PowerShell with the Set-BPAResult command or with the Where clause.

If you want to view a BPA report for Internet Information Services but only with the rules in the Security category, you could run the following command:

Get-BPAResult -id Microsoft/Windows/WebServer
| Where { $_.Category -eq "Security" }
Other -----------------
- Windows Server 2008 R2 : Maintaining Your Web Server - Work with Websites
- SQL Server 2008 : Creating Indexes via T-SQL (part 2) - Creating Filtered Indexes & Creating XML Indexes
- SQL Server 2008 : Creating Indexes via T-SQL (part 1) - Creating Clustered and Nonclustered Indexes & Creating Unique and Primary Key Indexes
- SQL Server 2008 : Index Vocabulary, Structure, and Concepts
- BizTalk 2009 : The Enterprise Service Bus Toolkit 2.0 - The Architecture (part 2) - Adapter Providers & Mediation Policies
- BizTalk 2009 : The Enterprise Service Bus Toolkit 2.0 - The Architecture (part 1) - Mediation Components & Resolvers
- BizTalk 2009 : The Enterprise Service Bus Toolkit 2.0 - BizTalk and the ESB Concept
- SQL Server 2008 High Availability : Log Shipping (part 2) - SharePoint and Log Shipping
- SQL Server 2008 High Availability : Log Shipping (part 1) - How to Configure Log Shipping
- Windows Server 2008 R2 : Manage Internet Information Services (part 2) - Remotely Manage IIS Servers & Manage IIS with PowerShell
- Windows Server 2008 R2 : Manage Internet Information Services (part 1) - Work with the IIS Management Console
- Microsoft Dynamics CRM 2011 : Merging Account or Contact Records
- Microsoft Dynamics CRM 2011 : Assigning Accounts and Contacts to Other Users
- BizTalk 2009 : Host Integration Server 2009 - Performance Testing and Tuning
- BizTalk 2009 : Host Integration Server 2009 - Two-Phase Commit
- SQL Server 2008 : Automating Routine Maintenance - Maintenance Plans
- SQL Server 2008 : SQL Server Agent (part 2) - Jobs & Proxies
- SQL Server 2008 : SQL Server Agent (part 1) - Operators, Enabling SQL Server Agent Notifications & Alerts
- Windows Server 2008 R2 : Install Internet Information Services (part 2) - Install IIS on Windows Server 2008 R2 Core Server & Windows Server 2008 R2 Web Edition
- Windows Server 2008 R2 : Install Internet Information Services (part 1) - Understand Internet Information Services Role Services
 
 
Most view of day
- Planning Deployment : Planning Low-Volume Deployment, Windows Vista Requirements
- Microsoft Exchange Server 2013 : Mailbox management - Seeking perfection halts progress (part 3) - Changing EAC columns
- Preparing Windows PE : Exploring Windows PE
- Designing and Configuring Unified Messaging in Exchange Server 2007 : Monitoring and Troubleshooting Unified Messaging (part 2) - Performance Monitors
- Maintaining Desktop Health : Monitoring Reliability and Performance (part 2)
- Microsoft Visio 2010 : Organizing and Annotating Diagrams - Markup & Review
- Exchange Server 2007 : Migrating from Windows 2000 Server to Windows Server 2003 (part 3) - Upgrading the AD Schema Using adprep
- Microsoft Systems Management Server 2003 : Security - Accounts and Groups
- BizTalk Server 2009 Operations : Maintaining the BizTalk Group (part 2) - Backup Procedures
- Microsoft Systems Management Server 2003 : Running Software Metering Reports
Top 10
- Microsoft Exchange Server 2013 : Mailbox management - Setting mailbox permissions (part 5) - Outlook delegate access
- Microsoft Exchange Server 2013 : Mailbox management - Setting mailbox permissions (part 4) - Sending messages on behalf of other users
- Microsoft Exchange Server 2013 : Mailbox management - Setting mailbox permissions (part 3) - Mailbox auto-mapping through Autodiscover
- Microsoft Exchange Server 2013 : Mailbox management - Setting mailbox permissions (part 2) - Managing Full Access permission
- Microsoft Exchange Server 2013 : Mailbox management - Setting mailbox permissions (part 1) - Mailbox delegation
- Microsoft Exchange Server 2013 : Mailbox management - Health mailboxes
- Microsoft Exchange Server 2013 : Mailbox management - Discovery mailboxes - Creating additional discovery mailboxes
- Windows Phone 8 : Messaging - Composing a New Message (part 8) - Checking for New Mail
- Windows Phone 8 : Messaging - Composing a New Message (part 7) - Adding Emoticons and Clip Art
- Windows Phone 8 : Messaging - Composing a New Message (part 6) - Adding Recipients Through CC and Blind CC
 
 
Windows XP
Windows Vista
Windows 7
Windows Azure
Windows Server
Windows Phone
2015 Camaro