Zimbra MTA

The Zimbra MTA (Mail Transfer Agent) receives mail via SMTP and routes each message, using Local Mail Transfer Protocol (LMTP), to the appropriate Zimbra mailbox server.

The Zimbra MTA server includes the following programs:

Postfix MTA, for mail routing, mail relay, and attachment blocking
Clam AntiVirus, an antivirus engine used for scanning email messages and attachments in email messages for viruses
SpamAssassin and DSPAM, mail filters that attempt to identify unsolicited commercial email (spam), using a variety of mechanisms
Amavisd-New, a Postfix content filter used as an interface between Postfix and ClamAV / SpamAssassin

In the Zimbra Collaboration Suite configuration, mail transfer and delivery are distinct functions. Postfix primarily acts as a Mail Transfer Agent (MTA) and the Zimbra mail server acts as a Mail Delivery agent (MDA).

MTA configuration is stored in LDAP and a configuration script automatically polls the LDAP directory every two minutes for modifications, and updates the Postfix configuration files with the changes.

Zimbra MTA Deployment

The Zimbra Collaboration Suite includes a precompiled version of Postfix. This version does not have any changes to the source code, but it does include configuration file modifications, additional scripts, and tools.

Postfix performs the Zimbra mail transfer and relay. It receives inbound messages via SMTP, and hands off the mail messages to the Zimbra server via LMTP, as shown in the following figure. The Zimbra MTA can also perform anti-virus and anti-spam filtering.

Postfix also plays a role in transfer of outbound messages. Messages composed from the Zimbra web client are sent by the Zimbra server through Postfix, including messages sent to other users on the same Zimbra server.

Figure 6: Postfix in a Zimbra Environment

6 MTA.5.1.1.jpg

*The term “edge MTA” is a generic term referring to any sort of edge security solution for mail. You may already deploy such solutions for functions such as filtering. The edge MTA is optional. Some filtering may be duplicated between an edge MTA and the Zimbra MTA.

Postfix Configuration Files

Zimbra modified the following Postfix files specifically to work with the Zimbra Collaboration Suite:

main.cf – Modified to include the LDAP tables. The configuration script in the Zimbra MTA pulls data from the Zimbra LDAP and modifies the Postfix configuration files.
master.cf – Modified to use Amavisd-New.

Important: Do not modify the Postfix configuration files directly! Some of the Postfix files are rewritten when changes are made in the administration console. Any changes you make will be overwritten.

MTA Functionality

Zimbra MTA Postfix functionality includes:

SMTP authentication
Attachment blocking
Relay host configuration
Postfix-LDAP integration
Integration with Amavisd-New, ClamAV, and Spam Assassin

SMTP Authentication

SMTP authentication allows authorized mail clients from external networks to relay messages through the Zimbra MTA. The user ID and password is sent to the MTA when the SMTP client sends mail so the MTA can verify if the user is allowed to relay mail.

Note: User authentication is provided through the Zimbra LDAP directory server, or if implemented, through the Microsoft Active Directory Sever.

SMTP Restrictions

In the administration console, you can enable restrictions so that messages are not accepted by Postfix when non-standard or other disapproved behavior is exhibited by an incoming SMTP client. These restrictions provide some protection against ill-behaved spam senders. By default, SMTP protocol violators (that is, clients that do not greet with a fully qualified domain name) are restricted. DNS based restrictions are also available.

Important: Understand the implications of these restrictions before you implement them. You may want to receive mail from people outside of your mail system, but those mail systems may be poorly implemented. You may have to compromise on these checks to accommodate them.

Relay Host Settings

Postfix can be configured to send all non-local mail to a different SMTP server. Such a destination SMTP server is commonly referred to as a “relay” or “smart” host. You can set this relay host from the administration console.

A common use case for a relay host is when an ISP requires that all your email be relayed through designated host, or if you have some filtering SMTP proxy server.

In the administration console, the relay host setting must not be confused with web mail MTA setting. Relay host is the MTA to which Postfix relays non-local email. Webmail MTA is used by the Zimbra server for composed messages and must be the location of the Postfix server in the Zimbra MTA package.

Important: Use caution when setting the relay host to prevent mail loops

MTA-LDAP Integration

The Zimbra LDAP directory service is used to look up email delivery addresses. The version of Postfix included with Zimbra is configured during the installation of the Zimbra Collaboration Suite to use the Zimbra LDAP directory.

Account Quota and the MTA

Account quota is the storage limit allowed for an account. Account quotas can be set by COS or per account. The MTA attempts to deliver a message, and if a Zimbra user’s mailbox exceeds the set quota, the Zimbra mailbox server rejects the message as mailbox is full and the sender gets a bounce message. You can view account quotas from the Administration Console, Monitoring Server Statistics section.

MTA and Amavisd-New Integration

The Amavisd-New utility is the interface between the Zimbra MTA and Clam AV and SpamAssassin scanners.

Anti-Virus Protection

Clam AntiVirus software is bundled with the Zimbra Collaboration Suite as the virus protection engine. The Clam anti-virus software is configured to block encrypted archives, to send notification to administrators when a virus has been found, and to send notification to recipients alerting that a mail message with a virus was not delivered.

The anti-virus protection is enabled during installation. You can also enable or disable virus checking from Global Settings on the administration console. By default, the Zimbra MTA checks every two hours for any new anti-virus updates from ClamAV.

Note: Updates are obtained via HTTP from the ClamAV website.

Anti-Spam Protection

SpamAssassin and DSPAM are spam filters bundled with ZCS. When ZCS is installed, spam training is automatically enabled to let users train spam filters when they move messages in and out of their junk folders.

The SpamAssassin default configuration for ZCS is as follows:

zimbraSpamKillPercent: Spaminess percentage beyond which a message is dropped. Default kill percent at 75%. Mail that is scored at 75% is considered spam and is not delivered. SpamAssassin score of 20 is considered 100%. 75% equates to a spam score of 15.
zimbraSpamTagPercent: Spaminess percentage beyond which a message is marked as spam. Default tag percent at 33%. Mail that is scored at 33% is considered spam and is delivered to the Junk folder. Since a SpamAssassin score of 20 equates to 100%, the zimbraSpamTagPercent would equate to a spam score of 6.6.

A Subject Prefix can be configured so messages considered as spam are identified in the subject line as tagged as spam. When a message is tagged as spam, the message is delivered to the recipient’s Junk folder.

You can change these settings from the administration console, Global Settings Anti-Spam tab.

Note: ZCS configures the spam filter to add 0.5 to the Spamassassin score if DSPAM marks the message as spam and deduct 0.1 if DSPAM does not label it as spam.

Anti-Spam Training Filters

When ZCS is installed, the automated spam training filter is enabled and two feedback mailboxes are created to receive mail notification.

Spam Training User to receive mail notification about mail that was not marked as junk, but should be.
Non-spam (HAM) training user to receive mail notification about mail that was marked as junk, but should not have been.

For these training accounts, the mailbox quota is disabled (i.e. set to 0) and attachment indexing is disabled. Disabling quotas prevents bouncing messages when the mailbox is full.

How well the anti-spam filter works depends on recognizing what is considered spam or not considered spam. The SpamAssassin filter can learn what is spam and what is not spam from messages that users specifically mark as Junk from their web client toolbar or Not Junk from the web client Junk folder. A copy of these marked messages is sent to the appropriate spam training mailbox.The Zimbra spam training tool, zmtrainsa, is configured to automatically retrieve these messages and train the spam filter.

The zmtrainsa script is enabled through a cron job to feed mail that has been classified as spam or as non-spam to the SpamAssassin application, allowing SpamAssassin to ‘learn’ what signs are likely to mean spam or ham. The zmtrainsa script empties these mailboxes each day.

By default all users can give feedback in this way. If you do not want users to train the spam filter, you can modify the global configuration attributes, zimbraSpamIsSpamAccount and zimbraSpamIsNotSpamAccount, and remove the spam/ham account addresses from the attributes. To remove, type as:

zmprov mcf <attribute> ‘’

Restart the Zimbra services, type zmcontrol stop and then zmcontrol start.

When these attributes are modified, messages marked as junk or not junk are not copied to the spam training mailboxes.

Initially, you may want to train the spam filter manually to quickly build a database of spam and non-spam tokens, words, or short character sequences that are commonly found in spam or ham. To do this, you can manually forward messages as message/rfc822 attachments to the spam and non-spam mailboxes. When zmtrainsa runs, these messages are used to teach the spam filter. Make sure you add a large enough sampling of messages to these mailboxes. In order to get accurate scores to determine whether to mark messages as spam at least 200 known spams and 200 known hams must be identified.

The zmtrainsa command can be run manually to forward any folder from any mailbox to the spam training mailboxes. To send a folder to the spam training mailbox, type the command as:

zmtrainsa <server> <user> <password> spam [foldername]

To send the to the non-spam training mailbox, type:

zmtrainsa <server> <user> <password> ham [foldername]

Password is not needed in 4.5.6+ see CLI_zmtrainsa

Turning On or Off RBLs

See Customizing the MTA for current information

Receiving and Sending Mail through Zimbra MTA

The Zimbra MTA delivers both the incoming and the outgoing mail messages. For outgoing mail, the Zimbra MTA determines the destination of the recipient address. If the destination host is local, the message is passed to the Zimbra server for delivery. If the destination host is a remote mail server, the Zimbra MTA must establish a communication method to transfer the message to the remote host. For incoming messages, the MTA must be able to accept connection requests from remote mail servers and receive messages for the local users.

In order to send and receive email, the Zimbra MTA must be configured in DNS with both an [B_app-glossary.16.1.html#1037278 A record] and a [B_app-glossary.16.1.html#1021370 MX Record]. For sending mail, the MTA use DNS to resolve hostnames and email-routing information. To receive mail, the MX record must be configured correctly to route messages to the mail server.

You must configure a relay host if you do not enable DNS. Even if a relay host is configured, an MX record is still required if the server is going to receive email from the internet.

Zimbra MTA Message Queues

When the Zimbra MTA receives mail, it routes the mail through a series of queues to manage delivery. The Zimbra MTA maintains four queues where mail is temporarily placed while being processed: incoming, active, deferred and hold.

6 MTA.5.1.2.jpg

Incoming.

The incoming message queue holds the new mail that has been received. Each message is identified with a unique file name. Messages in the incoming queue are moved to the active queue when there is room in the active queue. If there are no problems, message move through this queue very quickly.

Active.

The active message queue holds messages that are ready to be sent. The MTA sets a limit to the number of messages that can be in the active queue at any one time. From here, messages are moved to and from the anti-virus and anti-spam filters before being delivered or moved to another queue.

Deferred.

Message that cannot be delivered for some reason are placed in the deferred queue. The reasons for the delivery failures is documented in a file in the deferred queue. This queue is scanned frequently to resend the message. If the message cannot be sent after the set number of delivery attempts, the message fails. The message is bounced back to the original sender.

Verified Against: Zimbra Collaboration 8.0, 7.0 Date Created: 04/16/2014
Article ID: https://wiki.zimbra.com/index.php?title=Zimbra_MTA Date Modified: 07/13/2015
Advertisements

60+ Free SysAdmin tools: Free IT software for business in 2016

IT professionals keep technology running smoothly at companies around the world so everyone else can do their job. But often, these hard-working, computer-savvy professionals are tasked with fixing everything and anything electronic, with little or no budget for software.

Thankfully, some helpful IT tools are available for free. But not all no-cost IT software is created equal. With freeware tools, sometimes you get what you pay for and busy IT workers don’t have time to individually test every application to separate the good apps from the not so good.

Great free tools for IT professionals

Often, the best way to find out about free IT tools and utilities is from others who have hands-on experience. And over the years, IT pros in Spiceworks have recommended many high-quality, free software tools to each other. We combed through many “best of” posts and reviews in Spiceworks to create this list of IT tools that are either completely free for commercial use or provide a free version that can serve a legitimate business purpose with an option to upgrade if more functionality is needed.

Free Backup Software

If you’re looking for low-cost or no-cost enterprise backup solutions for PCs and servers, check out these 5 free backup tools for IT pros. Most are completely free, while others are free versions of more powerful paid products, with a few small limitations.

  • Veeam Endpoint Backup Free — free for unlimited Windows-based desktops and laptops, this software can help anyone back up PCs to external hard drives or networked storage. (reviews)
  • Veeam Backup Free Edition — highly-rated virtualization backup software for creating ad-hoc backups of VMware or Hyper-V virtual machines (reviews)
  • Bacula — a network-based open source solution that can help sysadmins back up, recover, and verify data. Bacula claims they are the most popular open source backup program. (reviews)
  • Cobain Backup — freeware that can help you schedule incremental backups of files and directories (reviews)
  • Unitrends Enterprise Backup Free — free server backup virtual appliance that can help you protect your small business or home environment for up to 1TB of data (reviews)

Free Antivirus for Businesses

Free Text Editor

  • Notepad++ — a highly-rated free text editor for Windows that supports syntax highlighting for many file formats that’s available under the GNU General Public License (GPL), meaning it’s free to use by anyone, including businesses. (reviews)

Free Boot CD and Utilities

If your operating system won’t boot due to hard disk problems or a corrupted master boot record (MBR), boot discs or bootable USB sticks can help you recover files or figure out what’s wrong.

  • Ultimate Boot CD — a “completely free” boot disc that includes many diagnostic, disk, boot management, and benchmarking tools. Many IT pros consider it an essential tool in the IT pro arsenal. (reviews)
  • Knoppix — a fully functional Linux distribution / live CD that’s bootable from a USB drive, making it useful if you need to rescue data (reviews)
  • Hiren’s Boot CD — another bootable CD that includes many tools for data recovery, disk imaging, and general computer troubleshooting (reviews)

Free Disk Utilities

Whether you need to image a disk, permanently delete files, or blow away an entire hard drive, these free tools have you covered.

  • DBAN (Darik’s Boot And Nuke) — DBAN is one of the best wipe tools for hard drive disposal. If you need certification of erasure for compliance reporting, however, you should upgrade to the paid version
  • File Shredder — a free utility that can help you permanently delete Windows files and folders without leaving any trace, so they can’t be recovered later. (review)
  • Disk Wipe — a free Windows application for permanent data destruction that is “free for personal or commercual use, without any restrictions.” (review)
  • CloneZilla — a bootable disk imaging and cloning utility similar to other paid tools. Best of all, Clonezilla is free and open source. (review)
  • IMGBurn — a lightweight application that can help you burn CDs, DVDs, HD DVDs, or Blu-rays for free. (review)
  • FOG Computer Cloner — a Linux-based, free and open-source computer imaging solution for Windows that works via TFTP and PXE. No boot disks required, you can deploy images to multiple systems over the network. (review)

Free File Utilities 

  • 7zip — file compression software that’s free and open source and can be used on any computer in a commercial organization (reviews)
  • FreeFileSync — a GUI-based, rule-based file syncing tool that can help you perform complex sync operations. The tool is open-source and works on Windows, Linux, and Mac OS X folders. (reviews)
  • WinDirStat — free software that provides disk usage statistics and cleanup tools for Microsoft Windows so you can see which files and directories are hogging disk space and do something about it (reviews)

Free File Transfer Utilities 

  • Filezilla — a popular, open source FTP client and FTP server that’s free, open source, and distributed under the GNU General Public License (reviews)
  • Martin Prikryl WinSCP — an open source SFTP client and FTP client for Windows known for it’s distinct lack of bloatware that can facilitate secure file transfers between computers (reviews)

Free Virtualization Software

  • Oracle VM VirtualBox — a very useful open-source (GNU license for the base package) hypervisor that runs on top of your existing OS. VirtualBox runs on Windows, OS X, Linux, and Solaris hosts and supports a huge range of guest OSes including major Windows releases, Linux, OS/2, OpenBSD, DOS, OSX, and more. While free, additional features in the optional extension pack need to be licensed for commercial use. (reviews)
  • Disk2VHD — a freeware tool that helps you do physical to virtual conversions (P2V)  by generating a Virtual Hard Disk (VHD) file for use with . (reviews)
  • vCenter Converter — freeware that allows you to create VMware virtual machines by converting from Windows or Linux physical machines, or other VM formats. (reviews)

Microsoft Management Tools

  • Windows SysInternals — a collection of advanced system utilities for designed to help IT professionals manage, troubleshoot, and diagnose their Windows systems. (Reviews for AutorunsProcess Monitor, BgInfoActive Directory Explorer)
  • PowerShell — Microsoft’s highly-rated and powerful, .NET-based command line scripting and automation framework allows you to automate numerous processes and simplify systems management, saving sysadmins lots of valuable time. (reviews)

Free Network Monitoring and Management Tools

  • Connectivity Dashboard — monitor and view speed to their applications. Figure out if there’s an issue with the ISP, application, or something else onsite with this network troubleshooting tool. (review)
  • PDQ Deploy — this time-saving tool helps you deploy patches and common applications to multiple systems across your network. According to IT pros, the free version provides plenty of features if you don’t want to upgrade to the pro version (review)
  • The Dude — free, cross-platform network monitor application that can scan and map your network and alert you if there are any problems (reviews)
  • Wireshark — an open-source, multi-platform packet analyzer tool you can use to scan network traffic. (reviews)
  • Spiceworks Network Monitor — free, Windows-based monitoring software that provides real-time status and alerts for your critical devices including servers, switches, SNMP devices, services, and more. (reviews)
  • Nagios — free, cross-platform, open source software for network, systems, and infrastructure monitoring with built-in alerting. (reviews)
  • Cacti — an open-source, multi-tenant network monitor and graphing tool for Unix or Windows. It uses industry standards like SNMP to poll and graph info on CPU, bandwidth utilization, memory and more. (reviews)
  • Zabbix — an open-source, Linux-based, real-time network monitoring system for various network services, servers, and hardware. It can monitor up to 100,000 devices and provide up to 1,000,000 metrics. (reviews)
  • PRTG — an all-in-one monitoring solution for Windows, which continuously collects status information from IT infrastructure and informs you about malfunctions and allows you to pro-actively reduce downtime. The free version is limited to monitoring 100 sensors / switch ports. (reviews)

Free Software Firewall + IDS / IPS

Numerous free, software-based firewalls can help protect your business from external threats and some can even analyze incoming traffic for intrusions.

  • pfSense —   a free, open-source, FreeBSD-based software firewall distribution that can also be deployed as a router, wireless access point, DHCP server, DNS server, or VPN endpoint and with integrations, can also serve as an IDS or IPS solution. (reviews)
  • Untangle — a software-based next generation firewall platform with an intuitive GUI interface that’s popular among IT professionals. The free version includes firewall, IPS, and some web filtering functionality, although you can pay to unlock additional features (reviews)
  • Snort — free and open source network intrusion detection and prevention software used by many IT departments to secure their network (reviews)
  • IPCop — A Linux-based, open source firewall that’s geared towards small office and is a favorite among some IT pros (reviews)
  • Smoothwall Express — A Linux-based open source firewall solution that’s been around since 2000, and has an easy-to-use web interva (reviews)

Free Network Scanners

  • Advanced IP Scanner  — Windows freeware that can locate all computers on your network quickly and allows for some remote control of devices via RDP and Radmin (reviews)
  • Angry IP Scanner — a cross-platform, open source network scanner that can help you quickly find devices on your network. Available for Linux, Windows, and Mac OS X (reviews)
  • Spiceworks Inventory  — comprehensive network management freeware for Windows that provides a one-stop shop for cataloging devices, customized reporting and alerting, and software tracking (reviews)
  • NMAP — a cross-platform, open source network security scanner that can help you create a map of your network. Nmap can scan for exposed ports and services, which can help you identify vulnerabilities and make your network more secure. (reviews)

Free Help Desk Software

  • Spiceworks Cloud Help Desk — help desk software with nothing to install. Build, a multi-user help desk with no limits so you can tackle tickets and solve IT problems quickly, and get back on with your day.

Free Remote Desktop / Remote Control Software

    • Microsoft Remote Desktop Protocol (RDP) — included in most Server, Pro, and Enterprise versions of Windows for decades, RDP allows IT pros to remotely control computers from afar, although it doesn’t include some of the screen mirroring functionality that third-party remote desktop assistance software does. (reviews)
    • VNC variants — freeware that allows you to mirror someone else’s screen on yours remotely and control the mouse and keyboard too. Very useful for IT professionals who need to manage and debug many PCs.• Tight VNC — available for Windows and Unix (reviews)
      • UltraVNC — available for Windows (reviews)

 

  • Remote Desktop Manager (Devolutions) — A cross-platform remote desktop tool that works on Windows, OS X, Android, and iOS and supports multiple session types including RDP, VNC, Apple Remote Desktop, TeamViewer, and LogMeIn. A completely free version is available, with additional connectivity, password management, security, and document management features unlocked if you upgrade to the paid Enterprise edition. (reviews)

Free Office Productivity Software

  • LibreOffice — LibreOffice is free, open-source office suite software for Windows, Linux, OS X. It includes software for word processing, spreadsheets, presentations, vector graphics and flowcharts, databases, and formula editing and is a branch of the OpenOffice project. (reviews)
  • Apache OpenOffice — An open source, multi-platform office suite that includes word processing, spreadsheets, slideshow presentations, and more. It can be downloaded and used completely free of charge for any purpose. (reviews)

Free Web-based Network Tools from Spiceworks

  • Subnet Calculator —  does the difficult math of subnetting for you, so you can more easily divide an IP network into smaller subnets, displaying subnet masks, IP ranges, and CIDR notations graphically.
  • Port Scanner and Tester — Quickly find out which ports at an IP address or hostname are exposed to the internet
  • IP Lookup — Learn more about an unknown IP address or hostname like the ISP’s domain, organization, owner, and location.
  • Blacklist Check and IP Reputation — Check if an IP address or domain is on an email or website blacklist, so you an protect your network and users from threats.
  • Website Down Checker — Check if a website is down for just you or if it’s down for everyone. Useful for getting closer to the root cause of an outage.

Web-based Speed Tests

  • Fast.com — a super fast way to check download speed in terms of megabits per second (Mbps)
  • Speedtest.net — test ping, download, and upload speed using this free online site

Free Photo and Video Editors

  • GIMP — The GNU Image Manipulation Program is a powerful open source, cross platform (Windows, Linux, OS X) image editor similar to Photoshop that is free to use for businesses. (reviews)
  • Camstudio — screen recording software for Windows that’s “completely 100% free for your personal and commercial projects.”
  • Windows Movie Maker — Free video editing software for Windows from Microsoft that allows you to splice videos, add text, transitions, voice-overs, and more. (reviews)

Source: https://community.spiceworks.com/networking/articles/2511-60-free-sysadmin-tools-free-it-software-for-business-in-2016

Microsoft Power Bi – Add image, text, video, and more to your dashboard

Add tile

The Add tile control lets you directly add an image, text box, video, streaming data, or web code to your dashboard.

  1. Select Add tile from the top menu bar. Depending on space limitations, you may see only the plus  sign.

  2. Select which type of tile to add: ImageText boxVideoWeb content, or Custom streaming data.

Add an image

Say you want your company logo on your dashboard, or some other image. You’ll need to save the image file online and link to it. Make sure special credentials aren’t required to access the image file. For example, OneDrive and SharePoint require authentication, so images stored there can’t be added to a dashboard this way.

  1. Select Image > Next.

  2. Add image information to the Tile details pane.

    • to display a title above the image, select Display title and subtitle and type a title and/or subtitle.
    • enter the image URL
    • to make the tile a hyperlink, select Set custom link and enter the URL. When colleagues click this image or title, they’ll be taken to this URL.
    • Select Apply. On the dashboard, resize and move the image as needed.

Add a text box or dashboard heading

  1. Select Text box > Next.

    NOTE: To add a dashboard heading, type your heading in the text box and increase the font.

  2. Format the text box:

    • to display a title above the text box, select Display title and subtitle and type a title and/or subtitle.
    • enter and format content for the text box.
    • Optionally, set a custom link for the title. However, in this example we’ve added hyperlinks within the text box itself, so leave Set custom link unchecked.
  3. Select Apply. On the dashboard, resize and move the text box as needed.

Add a video

When you add a YouTube or Vimeo video tile to your dashboard, the video plays right on your dashboard.

  1. Select Video > Next.

  2. Add video information to the Tile details pane.

    • to display a title and subtitle at the top of the video tile, select Display title and subtitle and type a title and/or subtitle. In this example, we’ll add a subtitle and then turn it into a hyperlink back to the entire playlist on YouTube.
    • enter the URL for the video
    • Add a hyperlink for the title and subtitle. Perhaps after your colleagues watch the embedded video you’d like them to view the entire playlist on YouTube — add a link to your playlist here.
    • Select Apply. On the dashboard, resize and move the video tile as needed.

  3. Select the video tile to play the video.

  4. Select the subtitle to visit the playlist on YouTube.

Add streaming data

Add web content

Paste or type in any HTML content. Power BI adds it, as a tile, to your dashboard. Enter the embed code by hand or copy/paste from sites such as Twitter, YouTube, embed.ly, and more.

  1. Select Web content > Next.

  2. Add information to the Add web content tile pane.

    • to display a title above the tile, select Display title and subtitle and type a title and/or subtitle.
    • enter the embed code. In this example we’re copying and pasting a Twitter feed.
    • Select Apply. On the dashboard, resize and move the web content tile as needed.

Tips for embedding web content

  • For iframes, use a secure source. If you enter your iframe embed code and get a blank tile, check to see if you’re using http for the iframe source. If so, change it to https.
  https://xyz.com

If you’d like the player to resize to fit the tile size, set width and height to 100%.

  
  • This code embeds a tweet and retains, as separate links on the dashboard, links for the AFK podcast, @GuyInACube’s Twitter pageFollow#analyticsreplyretweet, and like. Selecting the tile itself takes you to the podcast on Twitter.
  <blockquote class="twitter-tweet" data-partner="tweetdeck">
  <p lang="en" dir="ltr">Listen to
  <a href="https://twitter.com/GuyInACube">@GuyInACube</a> talk to
  us about making videos about Microsoft Business Intelligence
  platform
  <a href="https://t.co/TmRgalz7tv">https://t.co/TmRgalz7tv </a>
  <a href="https://twitter.com/hashtag/analytics?src=hash">
  #analytics</a></p>&mdash; AFTK Podcast (@aftkpodcast) <a
  href="https://twitter.com/aftkpodcast/status/693465456531771392">
  January 30, 2016</a></blockquote> //platform.twitter.com/widgets.js

Edit a tile

To make changes to a tile…

  1. Hover over the top right corner of the tile and select the ellipses.

  2. Select the edit icon to re-open the Tile details pane and make changes.

Considerations and troubleshooting

  • To make it easier to move the tile on your dashboard, add a title and/or subtitle.

  • If you’d like to embed some content from a website, but the website doesn’t give you embed code to copy and paste, check out embed.ly for help generating the embed code.

Source: https://powerbi.microsoft.com/en-us/documentation/powerbi-service-add-a-widget-to-a-dashboard/

How to migrate a Windows PC to a Parallels Desktop virtual machine

Symptoms

You have a Windows PC, and you want to migrate it, along with all its content, to a Parallels Desktop for Mac virtual machine.

Resolution

You can import all your data from a Windows PC to Parallels Desktop on your Mac. Then you can continue to work with all your Windows programs, files, and data side-by-side with OS X.

Important: After importing your data from your PC, you may need to reactivate some of your Windows programs using the activation keys you received when you purchased the programs.


Note: After migration is complete your PC will remain unmodified. See related article KB 117639


Requirements for importing your data

To import data to your Mac, you need a Windows computer with the following specifications:

For Parallels Transported Agent v.9:

  • Windows XP with Service Pack 2 or later, Windows Vista, Windows 7 or Windows 8.

    Note: You can also use a computer running Windows Server 2008 R2 (64-bit only), Windows Server 2008, or Windows 2000 Professional (32-bit only).

  • An Intel or AMD (700 MHz or higher) x86 or x64 processor
  • At least 256 MB of RAM
  • At least 70 MB of hard disk space for installing Parallels Transporter Agent
  • One of the following:
    • An Ethernet port for transferring your data over the network
    • A USB port for transferring your data using the Parallels USB cable
  • An external storage device, such as a USB hard disk
  • Supported Windows and Linux versions:**
    • Windows 8.1
    • Windows 7
    • Windows Vista
    • Windows XP
    • Windows Server 2003
    • Windows 2000
    • Red Hat Enterprise Linux 5.x, 6.x
    • Ubuntu Linux 10.04 LTS, 14.04

For Parallels Transporter Agent v.10

See the Parallels Transporter Agent User’s Guide)

  • 700 MHz (or higher) x86 or x64 processor (Intel or AMD)
  • 256 MB or more of RAM
  • 50 MB of hard disk space for installing Parallels Transporter Agent
  • Ethernet or WiFi network adapter for migrating over network
  • Supported Windows and Linux versions:
    • Windows 8.1
    • Windows 7
    • Windows Vista
    • Windows XP
    • Windows Server 2003
    • Windows 2000
    • Red Hat Enterprise Linux 5.x, 6.x
    • Ubuntu Linux 10.04 LTS, 14.04

Note: Parallels Desktop does not support migrating Windows dynamic volumes (in which size is not fixed, as it is in basic volumes). They are migrated as data disks only. You can add them later to an existing virtual machine.

Also read KB #119172 before proceeding with migration.

Step 1: Install Parallels Transporter Agent on your Windows PC

To import your data, you must first install the Parallels Transporter Agent software on the Windows PC.

Do one of the following:

  • If you purchased a physical copy of Parallels Desktop, insert the installation DVD into your Windows PC. If the installation doesn’t start automatically, locate and double-click the Parallels Transporter Agent.exe file.
  • Download Parallels Transporter Agent for Windows from the Parallels website and double-click the installation file.

If your computer is connected to the Internet, Parallels Transporter Agent checks for available updates. If an update is available, click Download and Install New Version. Follow the onscreen instructions to install Parallels Transporter Agent.

Step 2: Import Your Data

Choose one of the methods below for importing your data from your PC to your Mac.

Using a Parallels USB cable

The Parallels USB cable required for this method is included with Parallels Desktop Switch to Mac Edition. If you don’t have the Parallels USB cable, import your data using one of the other methods.


Note: Parallels USB Cable is available only for Parallels Desktop 8 Switch to Mac Edition and earlier.


  1. Turn on your Mac and your Windows PC then log in to both computers.
  2. On the Windows PC, open Parallels Transporter Agent by clicking the Start menu and selecting All Programs > Parallels > Parallels Transporter Agent.
  3. Connect the Parallels USB cable to your Windows PC and your Mac.
  4. If the Windows PC is running Windows XP, the Found New Hardware wizard opens. In this wizard:
    • Select Yes, this time only, and click Next.
    • Select Install the software automatically (Recommended), and click Next.
    • A Hardware Installation warning appears. Click Continue Anyway.
    • Drivers for the Parallels USB cable are installed. Click Finish to exit the wizard.
  5. On your Mac, open Parallels Desktop and choose File > New.
  6. Select Migrate from a PC and click Continue.
  7. Select Parallels USB cable and click Continue. Parallels Transporter will start collecting information about the source computer.
  8. If the Windows Installation Files window appears, insert the Windows installation disc into your Mac and click Continue.
  9. If you don’t want to log in to Windows automatically whenever you start up, select “Do not enable Automatic Logon”. Then click Continue.
  10. Choose whether you want to migrate all your files and data or only Windows applications. Then click Continue.
  11. Choose where you want to install your data. You can also click Customize and select which Windows volumes to migrate. Then click Continue.
  12. In the next step you will see a warning about Windows activation that might be required when you start using it. To proceed, read this message, select I want to continue and click Continue.
  13. Once the migration is complete, click Done.
  14. Start Windows.
  15. Once Windows starts up, choose Virtual Machine > Install Parallels Tools and follow the onscreen instructions.

Note: To be able to install Parallels Tools, you must be logged in to Windows as an administrator.

Over a network

Important: After importing your data, you may need to reactivate some of your Windows programs using the activation keys you received when you purchased the programs. To import your data from a PC over a network:

  1. Turn on your Mac and your Windows PC then log in to both. Verify sure that the computers are connected over the same network.
  2. Make sure that the Windows firewall is turned off. You can turn it on again after the import is finished.
  3. On the Windows PC, open Parallels Transporter Agent. From the Start menu select All Programs > Parallels > Parallels Transporter Agent.
  4. On your Mac, open Parallels Desktop and choose File > New.
  5. Select “Migrate from a PC” and click Continue.
  6. Select “Network” and click Continue.
  7. Find the passcode displayed in Parallels Wizard on your Mac and enter it in Parallels Transporter Agent on your Windows PC. You can also connect to the source Windows PC using its name or IP address: click “Use IP address instead”, select the Windows PC name from the list or type the IP address, and click Continue.
  8. If you have chosen to use the computer name or IP address, provide the Windows administrator credentials. Parallels Desktop will connect to Parallels Transporter Agent and start collecting information about the source computer.
  9. If the Windows Installation Files window appears, insert the Windows installation disc into your Mac and click Continue.
  10. If you don’t want to log in to Windows automatically whenever you start up, select “Do not enable Automatic Logon”. Then click Continue.
  11. Choose whether you want to migrate all your files and data or only Windows applications. Then click Continue.
  12. Choose where you want to install your data. You can also click Customize and select which Windows volumes to migrate. Then click Continue.
  13. In the next step you will see a warning about Windows activation that might be required when you start using it. To proceed, read this message, select “I want to continue” and click Continue.
  14. Once the migration is complete, click Done.
  15. Start Windows.
  16. When Windows boots up, choose Virtual Machine > Install Parallels Tools and follow the onscreen instructions.

Note: To be able to install Parallels Tools, you must be logged in to Windows as an administrator.

Using an External Storage Device

Important: After importing your data, you may need to reactivate some of your Windows programs using the activation keys you received when you purchased the programs. To import your data from a PC using an external storage device:

  1. Connect an external storage device to your Windows PC.
  2. In the Windows PC, open Parallels Transporter Agent by clicking the Start menu and selecting All Programs > Parallels > Parallels Transporter Agent.
  3. Click the external storage device icon.
  4. Click Next. Parallels Transporter Agent will collect information about the Windows PC.
  5. If you don’t want to log in to Windows automatically whenever you start up, select “Do not enable Automatic Logon”. Then click Next.
  6. Choose whether you want to migrate all your files and data or only Windows applications. Then click Next.
  7. Choose where you want to store your data. You can also click Customize and select which Windows volumes to migrate. Then click Next.
  8. In the next step you will see a warning about Windows activation that might be required when you start using it. To proceed, read this message, select “I want to continue” and click Next.
  9. Once the migration is complete, click Done to quit Parallels Transporter Agent.
  10. Disconnect the storage device from the Windows PC and connect it to your Mac.
  11. On your Mac, open Parallels Desktop and choose File > New.
  12. Select “Migrate from a PC” and click Continue.
  13. Select “External Storage Device” and click Continue.
  14. Click “Choose” and locate where you chose to store your data in step 7. Then click Continue.
  15. Choose where you want to install Windows and your data, then click Continue.
  16. Once the migration is complete, click Done.
  17. Start Windows.
  18. When Windows boots up, choose Virtual Machine > Install Parallels Tools and follow the onscreen instructions.

Note: To be able to install Parallels Tools, you must be logged in to Windows as an administrator.

For more information about migrating your PC to Mac please also visit our on-line User’s Guide

If you have an issue with migration, please follow the solution outlined in KB #113269.


Related articles:

Source: http://kb.parallels.com/eu/115007

A cheat sheet list of 10 nmap commands that are extremely useful for every Systems or Network Administrator

Recently I was compiling a list of Linux commands that every sysadmin should know. One of the first commands that came to mind was nmap.

nmap is a powerful network scanner used to identify systems and services. nmap was originally developed with network security in mind, it is a tool that was designed to find vulnerabilities within a network. nmap is more than just a simple port scanner though, you can use nmap to find specific versions of services, certain OS types, or even find that pesky printer someone put on your network without telling you.

nmap can be used for good and for evil, today we will cover some common situations where nmap makes life easier for sysadmins which is generally good. Even if some Sysadmins are evil…

Discover IP’s in a subnet (no root)

 $ nmap -sP 192.168.0.0/24
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 09:37 MST
 Nmap scan report for 192.168.0.1
 Host is up (0.0010s latency).
 Nmap scan report for 192.168.0.95
 Host is up (0.0031s latency).
 Nmap scan report for 192.168.0.110
 Host is up (0.0018s latency).

This is one of the simplest uses of nmap. This command is commonly refereed to as a “ping scan”, and tells nmap to send an icmp echo request, TCP SYN to port 443, TCP ACK to port 80 and icmp timestamp request to all hosts in the specified subnet. nmap will simply return a list of ip’s that responded. Unlike many nmap commands this particular one does not require root privileges, however when executed by root nmap will also by default send arp requests to the subnet.

Scan for open ports (no root)

 $ nmap 192.168.0.0/24
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 09:23 MST
 Nmap scan report for 192.168.0.1
 Host is up (0.0043s latency).
 Not shown: 998 closed ports
 PORT STATE SERVICE
 80/tcp open http
 443/tcp open https

This scan is the default scan for nmap and can take some time to generate. With this scan nmap will attempt a TCP SYN connection to 1000 of the most common ports as well as an icmp echo request to determine if a host is up. nmap will also perform a DNS reverse lookup on the identified ip’s as this can sometimes be useful information.

Identify the Operating System of a host (requires root)

 # nmap -O 192.168.0.164
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 09:49 MST
 Nmap scan report for 192.168.0.164
 Host is up (0.00032s latency).
 Not shown: 996 closed ports
 PORT STATE SERVICE
 88/tcp open kerberos-sec
 139/tcp open netbios-ssn
 445/tcp open microsoft-ds
 631/tcp open ipp
 MAC Address: 00:00:00:00:00:00 (Unknown)
 Device type: general purpose
 Running: Apple Mac OS X 10.5.X
 OS details: Apple Mac OS X 10.5 - 10.6 (Leopard - Snow Leopard) (Darwin 9.0.0b5 - 10.0.0)
 Network Distance: 1 hop

With the -O option nmap will try to guess the targets operating system. This is accomplished by utilizing information that nmap is already getting through the TCP SYN port scan. This is usually a best guess but can actually be fairly accurate. The operating system scan however does require root privileges.

Identify Hostnames (no root)

 $ nmap -sL 192.168.0.0/24
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 09:59 MST
 Nmap scan report for 192.168.0.0
 Nmap scan report for router.local (192.168.0.1)
 Nmap scan report for fakehost.local (192.168.0.2)
 Nmap scan report for another.fakehost.local (192.168.0.3)

This is one of the most subtle commands of nmap, the -sL flag tells nmap to do a simple DNS query for the specified ip. This allows you to find hostnames for all of the ip’s in a subnet without having send a packet to the individual hosts themselves.

Hostname information can tell you a lot more about a network than you would think, for instance if you labeled your Active Directory Servers with ads01.domain.com you shouldn’t be surprised if someone guesses its use.

TCP Syn and UDP Scan (requires root)

 # nmap -sS -sU -PN 192.168.0.164
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 13:25 MST
 Nmap scan report for 192.168.0.164
 Host is up (0.00029s latency).
 Not shown: 1494 closed ports, 496 filtered ports
 PORT STATE SERVICE
 88/tcp open kerberos-sec
 139/tcp open netbios-ssn
 445/tcp open microsoft-ds
 631/tcp open ipp
 88/udp open|filtered kerberos-sec
 123/udp open ntp
 137/udp open netbios-ns
 138/udp open|filtered netbios-dgm
 631/udp open|filtered ipp
 5353/udp open zeroconf

The TCP SYN and UDP scan will take a while to generate but is fairly unobtrusive and stealthy. This command will check about 2000 common tcp and udp ports to see if they are responding. When you use the -Pn flag this tells nmap to skip the ping scan and assume the host is up. This can be useful when there is a firewall that might be preventing icmp replies.

TCP SYN and UDP scan for all ports (requires root)

 # nmap -sS -sU -PN -p 1-65535 192.168.0.164
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 10:18 MST
 Nmap scan report for 192.168.0.164
 Host is up (0.00029s latency).
 Not shown: 131052 closed ports
 PORT STATE SERVICE
 88/tcp open kerberos-sec
 139/tcp open netbios-ssn
 445/tcp open microsoft-ds
 631/tcp open ipp
 17500/tcp open unknown
 88/udp open|filtered kerberos-sec
 123/udp open ntp
 137/udp open netbios-ns
 138/udp open|filtered netbios-dgm
 631/udp open|filtered ipp
 5353/udp open zeroconf
 17500/udp open|filtered unknown
 51657/udp open|filtered unknown
 54658/udp open|filtered unknown
 56128/udp open|filtered unknown
 57798/udp open|filtered unknown
 58488/udp open|filtered unknown
 60027/udp open|filtered unknown

This command is the same as above however by specifying the full port range from 1 to 65535 nmap will scan to see if the host is listening on all available ports. You can use the port range specification on any scan that performs a port scan.

TCP Connect Scan (no root)

 $ nmap -sT 192.168.0.164
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 12:48 MST
 Nmap scan report for 192.168.0.164
 Host is up (0.0014s latency).
 Not shown: 964 closed ports, 32 filtered ports
 PORT STATE SERVICE
 88/tcp open kerberos-sec
 139/tcp open netbios-ssn
 445/tcp open microsoft-ds
 631/tcp open ipp

This command is similar to the TCP SYN scan however rather than sending a SYN packet and reviewing the headers it will ask the OS to establish a TCP connection to the 1000 common ports.

Aggressively Scan Hosts (no root)

 $ nmap -T4 -A 192.168.0.0/24
 Nmap scan report for 192.168.0.95
 Host is up (0.00060s latency).
 Not shown: 996 closed ports
 PORT STATE SERVICE VERSION
 22/tcp open ssh OpenSSH 5.9p1 Debian 5ubuntu1 (protocol 2.0)
 | ssh-hostkey: 1024 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:6c (DSA)
 |_2048 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:6c (RSA)
 80/tcp open http nginx 1.1.19
 |_http-title: 403 Forbidden
 |_http-methods: No Allow or Public header in OPTIONS response (status code 405)
 111/tcp open rpcbind
 | rpcinfo:
 | program version port/proto service
 | 100000 2,3,4 111/tcp rpcbind
 | 100000 2,3,4 111/udp rpcbind
 | 100003 2,3,4 2049/tcp nfs
 | 100003 2,3,4 2049/udp nfs
 | 100005 1,2,3 46448/tcp mountd
 | 100005 1,2,3 52408/udp mountd
 | 100021 1,3,4 35394/udp nlockmgr
 | 100021 1,3,4 57150/tcp nlockmgr
 | 100024 1 49363/tcp status
 | 100024 1 51515/udp status
 | 100227 2,3 2049/tcp nfs_acl
 |_ 100227 2,3 2049/udp nfs_acl
 2049/tcp open nfs (nfs V2-4) 2-4 (rpc #100003)
 Service Info: OS: Linux; CPE: cpe:/o:linux:kernel

Unlike some of the earlier commands this command is very aggressive and very obtrusive. The -A simply tells nmap to perform OS checking and version checking. The -T4 is for the speed template, these templates are what tells nmap how quickly to perform the scan. The speed template ranges from 0 for slow and stealthy to 5 for fast and obvious.

Fast Scan (no root)

 $ nmap -T4 -F 192.168.0.164
 Starting Nmap 6.01 ( http://nmap.org ) at 2013-02-24 12:49 MST
 Nmap scan report for 192.168.0.164
 Host is up (0.00047s latency).
 Not shown: 96 closed ports
 PORT STATE SERVICE
 88/tcp open kerberos-sec
 139/tcp open netbios-ssn
 445/tcp open microsoft-ds
 631/tcp open ipp

This scan limits the scan to the most common 100 ports, if you simply want to know some potential hosts with ports open that shouldn’t be this is a quick and dirty command to use.

Verbose

 $ nmap -T4 -A -v 192.168.0.164
 Starting Nmap 6.01 ( http://nmap.org ) at 2013-02-24 12:50 MST
 NSE: Loaded 93 scripts for scanning.
 NSE: Script Pre-scanning.
 Initiating Ping Scan at 12:50
 Scanning 192.168.0.164 [2 ports]
 Completed Ping Scan at 12:50, 0.00s elapsed (1 total hosts)
 Initiating Parallel DNS resolution of 1 host. at 12:50
 Completed Parallel DNS resolution of 1 host. at 12:50, 0.01s elapsed
 Initiating Connect Scan at 12:50
 Scanning 192.168.0.164 [1000 ports]
 Discovered open port 139/tcp on 192.168.0.164
 Discovered open port 445/tcp on 192.168.0.164
 Discovered open port 88/tcp on 192.168.0.164
 Discovered open port 631/tcp on 192.168.0.164
 Completed Connect Scan at 12:50, 5.22s elapsed (1000 total ports)
 Initiating Service scan at 12:50
 Scanning 4 services on 192.168.0.164
 Completed Service scan at 12:51, 11.00s elapsed (4 services on 1 host)
 NSE: Script scanning 192.168.0.164.
 Initiating NSE at 12:51
 Completed NSE at 12:51, 12.11s elapsed
 Nmap scan report for 192.168.0.164
 Host is up (0.00026s latency).
 Not shown: 996 closed ports
 PORT STATE SERVICE VERSION
 88/tcp open kerberos-sec Mac OS X kerberos-sec
 139/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
 445/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
 631/tcp open ipp CUPS 1.4
 | http-methods: GET HEAD OPTIONS POST PUT
 | Potentially risky methods: PUT
 |_See http://nmap.org/nsedoc/scripts/http-methods.html
 | http-robots.txt: 1 disallowed entry
 |_/
 Service Info: OS: Mac OS X; CPE: cpe:/o:apple:mac_os_x

By adding verbose to a majority of the commands above you get a better insight into what nmap is doing; for some scans verbosity will provide additional details that the report does not provide.

While these are 10 very useful nmap commands I am sure there are some more handy nmap examples out there. If you have one to add to this list feel free to drop it into a comment.

Source: http://bencane.com/2013/02/25/10-nmap-commands-every-sysadmin-should-know/