Introduction

An administrator of Forefront TMG or ISA Server may want to document their current configuration, so that they can:

  1. Recreate the Forefront TMG/ISA Server setup from the documentation in the case of data loss/corruption.
  2. Share the documentation with other people, so that they can understand what settings are used (e.g. in the case of a deployment handover).

This document describes how Best Practices Analyzer (BPA) can be used to automatically document the configuration.

Forefront TMG/ISA Server BPA

There are 2 separate tools, one works for Forefront TMG, the other for ISA Server:

The procedures below, and all the examples, reference Forefront TMG BPA. The same procedure is equally applicable to ISA Server BPA.

How to document a Forefront TMG Server

To create a new document:

  1. Run the BPA application and click “Select options for a new scan”.

    clip_image002
  2. When scanning is finished click “View a report of this Best Practices scan” and then export the report to an XML file.
    clip_image004
  3. The output file can be used for configuration review and network visualization by the BPA2Visio tool (will be explained below).

How to review a pre-saved document for a Forefront TMG Server

  1. If you still have BPA open after following the procedure above, you already have the report available. If not, the following steps will load the report:
    a.  Launch BPA and click “Select a Best Practices scan to view”.
    b.  Choose one of the available scans, or choose “Import scan” to load a different scan result from a file.
    c.  If you choose to use a report from the list, you’ll need to choose the “View a report of this scan” option to actually view the scan. The view will bring you to the “All Issues” tab, the same location within the UI where you ended up after completing the “How to document a Forefront TMG Server” procedure above.
  2. Choose the “Tree Reports” radio button, and then click on the “Detailed View” tab, which will display the configuration data and the “TMG configuration” data node.
    clip_image006
  3. It is possible to copy specific node contents to the clipboard. To do that, right-click on the node and choose the “Copy to clipboard” option. The node will be copied to the clipboard and the resulting text will also preserve the existing data hierarchy. For example, you can copy the “Exception” node, and the text can be pasted into your favorite editor as shown below.
    clip_image008
  4. Now you can review the configuration and do the required work. The “TMG Configuration” node contents are designed to mimic the Forefront TMG Management MMC console hierarchy, making it simple to map the data to the appropriate place in the Forefront TMG UI. The Forefront TMG BPA application highlights the problematic nodes with “Error”, “Warning” and “Info” icons, as shown above.

How to visualize a pre-saved document for a Forefront TMG Server

As we have already said, we have a specially designed tool called BPA2Visio that can visualize the network deployment of your server based on the BPA report.

  1. To visualize your network you should run BPA2Visio on a machine where the Microsoft Visio tool is installed (not necessarily the server machine). To do that you need to run the application. You can run it from the Start Menu as follows: “Start Menu” > “All Programs” > “Microsoft Forefront TMG Server” > “TMG Tools” > “BPA2Visio”. Another way to run the application is to invoke it from within the “Forefront TMG BPA” application directly. To do that, you should open the report for review – just like we did in the previous explanation, and then click the “Start BPA2Visio” button on the left pane.
    clip_image010
  2. After the BPA2Visio application has started, please “Load an existing report” from the location you have saved it, and then click “Generate Diagram”. This will generate a network diagram in the Visio tool.
    clip_image012
  3. Here is an example of a generated diagram:
    clip_image014
  4. And you are done! BPA2Visio will highlight the problematic elements, as detected by “Forefront TMG BPA”, at the same time that the report is generated.

 

Author:
Alexey Doctorovich, Software Development Engineer, Forefront TMG Team

Reviewers:
Neta Amit, Senior Program Manager, Forefront TMG Team
Adi Kurtz, Senior Test Lead, Forefront TMG Team
Ori Yosefi, Senior Program Manager, Forefront TMG Team
Gabriel Koren, Forefront TMG Test Team