New Exchange Best Practices Analyzer version Released

by Amit Zinman [Published on 7 Dec. 2005 / Last Updated on 7 Dec. 2005]

The most updated Microsoft utility just got better once again. Check out the list of new features here.

New Exchange Best Practices Analyzer version Released

The most updated Microsoft utility just got better once again. Amongst the changes are:

  • Detection of servers that exhibit kernel memory problems because of hot-add memory pre-allocation.
  • Enhanced support for Exchange 2003 SP2. Including:
    • Organization-wide PF replication
    • Flat restriction best practices
    • Detection of OAB Version 4
    • Detection of max database size reg key
    • IMF custom response implementation
    • Check supported configuration boundaries when running under Virtual Server
    • Advise on the upgrade of Exchange 2003 SP2 for servers and ADC servers
    • MTA disable support
    • Verifies that the server is running the final build and not the CTP version that was released on the web.
  • HP storage enhancements. Detects whether the very latest version of SecurePath is running. Also advises on the installation of the free-of-charge EVAPerf tool (adds more storage perfmon counters) if the SAN is an EVA.
  • Updated firmware checks. Enhanced support for checking out-of-date BIOS' on HP and Dell servers.
  • Checks for a plethora of manual registry overrides. Includes:
    • MaxClientRequestBuffer
    • RPC Ports
    • MinUserDc
    • Lookup Sid Cache Expire
    • Lookup Sid Cache Limit
  • Exchange server naming consistency checks. Verifies that the FQDN in ncacn_ip_tcp is the same as the resolved name in DNS. Also checks to see if the server name has been manually adjusted in the registry. The tool warns if the DHCP Client service is not running (causes dynamic DNS update failures). Finally, support has been added for pure Exchange 2000 IM installations where the networkAddress property is not populated.
  • Warn if GCs aren't responding on port 3268. Good for older Windows 2000 GCs that require a reboot after promotion and other GCs that are 'deaf'.
  • Front end services. Checks to see if the RUS and/or OAB generation is configured to run on a front-end server.
  • System folder replica check. Identifies system folders (e.g. OAB, Schedule+ Free/Busy) that have a single replica and could be a single point of failure in an organization containing multiple servers with Public Folder stores.
  • MTA routing check. Verifies that X.400 addresses in recipient policies are formatted correctly. For example, an address that doesn't have a trailing semi-colon can cause routing failures.
  • Storage quota checks. Warns if storage quotas aren't in place. Also warns if receive limit and send/receive limit are within 20% of each other.
  • RUS/Domain associations. Warns if a domain has been DomainPrep'd, but an associated RUS does not exist.
  • ACL upgrade failures. Warns if excessive ACL upgrade failures are occurring.
  • Front-end/Back-end version comparison. Warns if the wmtemplates.dll file is newer on back-end servers. This is a good indication that a back-end server has received an OWA hotfix that hasn't been applied to a front-end.
  • Alockout detection. Detects servers that have Account Lockout Management tools installed.
  • Exchmem.dll hell. Checks to see if exchmem.dll is hanging around in the \windows\system32 folder. Throws an error if it's older than the version in \exchsrvr\bin.
  • VMWare rule. Revised supportability wording.
  • Transaction log generation. Implemented an Error threshold (1,020,000) so it's more obvious if the server is reaching a critical point and is in danger of running out of log numbers (the warning fires at 950,000).
  • Journaling recipient configuration. Verifies a number of different aspects, ensuring that the journaling recipient a) has not been deleted b)  is hidden in the GAL c) is not on the same server as the MDB being journaled d) is properly mail or mailbox-enabled e) is not a disabled account (and msExchMasterAccountSid is not set).
  • AD Sites and subnets. Collects more information on site and site link configuration.
  • McAfee GroupShield updates. Verifies that the very latest patches for GroupShield 6.0 are installed.
  • Connectivity test update. Increased max allowable time from 1 minute to 5 minutes per server. This will prevent premature timeouts on slow connections.



See Also

The Author — Amit Zinman

Amit Zinman avatar

Currently working as Project Manager and Systems Consultant, heading and consulting on Exchange and NT/Windows 2000 based migrations and deployments for large companies such as Checkpoint, Comverse, Smarteam, Nice, Aladdin and leading Israeli Banks, Also involved in writing scripts and custom solutions for clients based on ADSI, CDO and Visual Basic and teaching Windows 2000 and Exchange 2000 in MSCE colleges and lecturing in Microsoft User Groups.

Featured Links