Guide to Your Private UCS Server with ownCloud, Kopano & Let’s Encrypt

Have you ever thought?: “It’s enough! I finally want to set up my own robust, powerful server at home to put an end to the permanent threat that someone might hack my precious data.”

I did! And today, I’d like to share with you here all the necessary steps that are required for this. In addition to UCS, my home server scenario also includes a software bundle made up of groupware, mail, and file exchange software, i.e. ownCloud and the Kopano apps. This bundle make proprietary mail and groupware solutions redundant if you like. In addition, I also show you how to install Let’s Encrypt so that the connections to your UCS server will be well protected, too.

Univention Domain Join Assistant for Foolproof Integration of Ubuntu Clients into UCS Domains

Today we introduce our new Domain Join Assistant for Univention Corporate Server (UCS). With this tool, administrators can now integrate Ubuntu computers into a UCS domain without any additional manual configuration. Thanks to this, all users can log in directly to their Ubuntu desktop using their usual domain accounts. This automation eases administrators’ work to manage Ubuntu clients on the network. Thanks to Kerberos SAML integration, organizations that already use UCS version 4.3 can now offer their users single sign-on for the Ubuntu clients.

Univention: Single sign-on made easy for Ubuntu clients

Bremen, April 26, 2018 – Today, Univention releases the Domain Join Assistant for Univention Corporate Server (UCS). This new tool allows administrators to integrate Ubuntu machines into a UCS domain without any additional manual configuration. All users can directly log in to an Ubuntu desktop using their usual domain accounts. With this automation, Univention significantly helps administrators to manage Ubuntu clients on the network. Thanks to a Kerberos SAML integration, organizations who are already using the recently released UCS 4.3 can now also offer their users single sign-on for the Ubuntu clients. The new Domain Join Assistant will replace the previous Univention Corporate Client (UCC). However, Univention customers with a maintenance contract will receive updates for UCC until April 30, 2021.

LDAP/OpenLDAP: The Two Pillars in UCS’ Identity & Access Management

LDAP

Our work environment is becoming more ‘colorful’, but also more difficult to handle and control. Employees increasingly determine for themselves which tools they use and where they work. As an admin, you easily lose track and become afraid of losing control over the security of your corporate IT.

Fortunately, UCS provides an identity and access management (IAM) that centrally manages and supervises all tools, devices, data, and accesses. By setting up a centralized IAM, you not only avoid shadow IT, but most of all, you regain control over your network and your precious data.

For those of you who have little technical knowledge in UCS, I like to explain today the terms LDAP / OpenLDAP, as they are the cornerstones of our central IAM system.

Advantages of Roaming Profiles and Folder Redirection to Boost Network Performance + Data Availability

Männerkopf mit Binärcode

Would you like some valuable tips on how to increase network performance and user data availability when using Windows clients together with UCS?

Thinking about user data, many of us admins immediately understand that questions about the issues of backups, privacy, and availability, no matter whether across different machines or outside the office, can create us a considerable headache. But fortunately there are solutions in place and in this article I want to cover two of them: Roaming Profiles and Folder Redirection, arguably the most popular solution to the problem.

UCS at the SchwuZ in Berlin, Part 2: Synchronizing User Profiles

SchwuZ Keller

We would like to inform you about further mile stones we achieved with our IT project at the Berlin-based cultural event organizer SchwuZ and therefore complement our last blog article bitpack.io modernizes IT at the SchwuZ in Berlin with Univention Corporate Server from last year with instructions on how to setup synchronized user profiles.

Short Introduction: How to Upgrade Your E-mail Server to a Bullet-Proof Fortress

E-mails have become an integral part in our everyday lives. In business anyway, but they have also found their way into our schools. However, schools face the same problems that have long been known by organizations: School authorities with thousands of students, hundreds of teachers and many administrative employees offer hackers a target at least as worthwhile as other large enterprises.

In this article, I’ll show you some simple yet highly effective measures that you as the administrator of a corporate IT or school IT can take to effectively protect your users and mail servers from hacker attacks. As massive spams are not only annoying or even dangerous to us all, they can also cause other mail servers to mistrust your email servers so that your users will no longer be able to send regular mails.

‘Vote for Apps’ End of 2. Round: Did Your Favorite Make It?

We’ve now finished the second round of the voting series ‘Vote for Apps’ in the Univention App Catalog which took place from February 9 to March 9. I thank all participants for their engagement and like to present the result today.

This time, you were able to vote for the Apps Cozy Cloud, a service to access personal data in the cloud, furthermore a connector to Dropbox Business as well as SOGo, an open source groupware server.

Central Domain Management with Samba and Active Directory

Graphic of a company's worldwide network
The release of UCS 4.3 also provides you with the Samba version 4.7 . Compared to older versions, it clearly improves the performance in the area of LDAP queries and replications of group memberships in particular. This offers great benefits, particularly for large organizations with several thousands or even ten thousands of authentication accounts.

But what is Samba in general? How can it be compared to Microsoft‘s Active Directory? Where is it involved in UCS‘s identity management and how can you benefit from it?

In this article I want to present you two solutions for the central detection and authorization of the members of a domain. Both of them enable you to centrally administrate a domain network. They also help to achieve more data protection and significantly increase failure security for your IT systems.

Besides, I want to show you how UCS is able to bridge the gap between the Linux world and the Windows world. By this you can reap the benefits of both systems, instead of having to decide for one and thus restrict yourself.