Best Practices Analyzer (BPA) is a server management tool that is available only in Windows Server 2008 R2. BPA can help administrators reduce best practice violations by scanning one or more roles that are installed on Windows Server 2008 R2 and reporting best practice violations to the administrator.
Administrators can filter or exclude results from BPA reports that they don’t need to see. Administrators can also perform BPA tasks by using either the Server Manager GUI, or Windows PowerShell cmdlets.
 Using Server Manager |
Using PowerShell cmdlets – Get-BPAModel, Invoke-BPAModel, Get-BPAResult |
New and/or updated BPA guidance will be made available through Windows Update.
By default, Windows Server 2008 R2 ships with built-in BPAs (5):
- Active Directory Certificate Services (ADCS)
- Active Directory Domain Services (ADDS)
- DNS
- Remote Desktop Services (RDS)
- IIS
Some new BPAs (7) are now available as standalone packages and/or through Windows Update:
- Windows Server Update Services (WSUS)
- Network Policy Server (NPS) – including RRAS, NPS, HRA
- Hyper-V
- DHCP
- File Services (DFS-N, DFS-R, FSRM, NFS, SMB)
- Active Directory Rights Management Services (AD RMS)
- Application Server
This covers up to 12 of the 17 server roles installable on a Windows Server 2008 R2.
Some BPAs are still missing for now:
- Active Directory Federation Services (ADFS)
- Active Directory Lightweight Directory Services (AD LDS)
- Fax Server
- Print and Document Services
- Windows Deployment Services
For more information: