Data Security Thanks to Multiple-Factor Authentication in UCS with privacyIDEA + SAML

How can companies make access to their networks and applications securer and more user-friendly at the same time? What’s behind the terms SAML, multiple-factor authentication and single sign-on in this context? Cornelius Kölbel, Managing Director of our partner NetKnights, took the time to explain these technologies to us and illustrate how you can use the multiple-factor authentication solution privacyIDEA and SAML to set up a secure network on UCS plus saving employees time when signing in.

Synchronisation between UCS and Microsoft Windows with Samba Active Directory

In “Fail-safe performance and load distribution thanks to LDAP replication” I focused on describing the UCS OpenLDAP directory service. Unfortunately, OpenLDAP is only of comparatively little help to me if I want to operate Windows systems in my network, as Windows doesn’t speak the standard-compliant LDAP protocol as a rule, but rather a particular dialect that Microsoft selected for its Active Directory. I would now like to explain which technologies integrated in Univention Corporate Server we can use to deal with this situation and go into more detail about the replication via listener/notifier for OpenLDAP, DRS replication for the Active Directory and the “Univention S4 Connector”, which synchronises between the two worlds.

The End of Linearity, git Implementation in Professional Services

git-ucs-branches-releases-commands_enWe have now been using git as the version control software for our projects in the Professional Services Team at Univention for a number of weeks and to great success. In this blog article, I want to give you a bit more information about our decision to employ git, report on our initial, recent experiences and provide a perspective of the aspects still requiring work. In doing so, I hope maybe to provide you with a suggestion or two for your own projects or that perhaps you will also have ideas for how we can implement our requirements even better using git.

TL;DR

  • Both the migration of SVN to git and the use of git as a tool in the productive workflow have gone very smoothly.
  • The challenges involved in the professional introduction are considerable, particularly with regard to the preparation of the coordinated workflow.

UCS 4.1: First Milestone Released

Today, we released the first milestone of Univention Corporate Server 4.1. Prominent features of Univention Corporate Server 4.1 will include the addition of Docker-based applications in the App Center, the implementation of SSO (Single Sign-On) authentication via SAML (Security Assertion Markup Language), as well as new package versions, such as Samba 4.3 and Linux kernel 4.1 LTS. The LDAP packages have been updated as well in this development version.