Experts are always suggesting to configure a server by best practices. This application will keep an eye to check vulnerabilities, unused open ports which are suspicious and should be blocked. It also tells us if there is any vulnerabilities setup issue with any particular roles that we have installed on our Server and gives us results in the form of information, warning and errors.
There are two ways to run Best practices on Windows Servers.
- GUI base
- Powershell scripts
Method 1 GUI Base
By running Best Practice Analyser GUI is quite simple and here you can see steps to run it. First go to Server Manager > Local Server > Tasks > Start BPA Scan
The results will show like below:
We can filter to see only Warning and Errors. We can review errors and warnings one by one and Microsoft suggests articles to resolve issue.
Method 2 PowerShell
By using Powershell commands we can generate report easily in CSV format and review.
Run Powershell as Administrator
Run below commands one by one
Get-bparesult Microsoft/Windows/DirectoryServices | ConvertTo-CSV | set-content “C:\BPA_Report.csv”