UCS 4.0-3 release with new features and numerous updates

UCS Logo
The current release of Univention Corporate Server supplies various security updates and bug fixes and now offers Dovecot as the default mail server as well as the possibility to define LDAP filters for policies. UCS 4.0-3 now also brings the automatic creation of Univention Apps as images for various virtualization environments. The apps available in the Univention App Center are now automatically provided as complete applications that consist of UCS as the platform, UVMM as the management system, and the app itself. They are ready to download for various virtualization formats such as VMware or KVM.

Release of Univention Corporate Server 4.0-3

New UCS release provides bugfixes, updates and automatic creation of Univention Apps for virtualization environments

The latest release of Univention Corporate Server (UCS) supplies various improvements, security updates and bug fixes for the IT management and operating platform of Univention. New in UCS 4.0-3, among other things, are the use of Dovecot as the default mail server, the possibility to define LDAP filters for guidelines and the automatic creation of Univention Apps as images for various virtualization environments.

Release of Univention Corporate Client 2.1

UCC 2.1 with optimized roll-out management, integrated Citrix Receiver and more comprehensive hardware support is available now

UCC Univention Corporate Client Logo

With the release of Univention Corporate Client (UCC) Version 2.1, we are now making our operating and management solution for (thin) clients available with integrated Citrix Receiver. In addition, the software employs newer kernel and Xserver versions, which allow the use of additional client hardware. Another new feature of UCC is the new image server, which enables the roll-out of clients in distributed infrastructures from local servers. As always, UCC is based on the Long Term Support (LTS) version of Ubuntu (currently 14.04).

Univention unveils its revised client operating system

UCC 2.1 with optimized roll-out management, integrated Citrix Receiver and more comprehensive hardware support is available now

UCC Univention Corporate Client Logo

With the release of Univention Corporate Client (UCC) Version 2.1, Univention (www.univention.de) is now making its operating and management solution for (thin) clients available with integrated Citrix Receiver. In addition, the software employs newer kernel and Xserver versions, which allow the use of additional client hardware. Another new feature of UCC is the new image server, which enables the roll-out of clients in distributed infrastructures from local servers. As always, UCC is based on the Long Term Support (LTS) version of KUbuntu (currently 14.04).

Fail-safe performance and load distribution thanks to LDAP replication

ldap-replication

Even if you only have a small number of staff, the administration of individual user accounts for numerous applications and the corresponding access rights can still prove very time consuming. When responsibilities change hands or when new members of staff join the company at the latest, the IT infrastructure becomes characterized by uncontrolled growth, which not only requires a lot of time to handle, but also becomes more and more insecure over time. More often than not, the administration of the users and their rights gets neglected at some point. As the enterprise expands, this type of out-of-control infrastructure becomes more and more risky and dangerous. Centralized user management in the form of an identity management system can help you to rein your IT back in again.

The beating heart of an identity management system is often a so-called LDAP directory service, which is also integrated in our Univention Corporate Server. LDAP stands for lightweight directory access protocol, so it really only describes the protocol itself, although people also tend to talk about “the LDAP” when they actually mean the LDAP directory service.

Moving your business to the cloud?

Moving your business to the cloud?According to a survey conducted by analyst firm Statista GmbH, 44 percent of German companies have moved their business to the cloud. During the last couple of years, many cloud providers have developed different applications and the upward trend will remain steady. Our development-team from Sweden designed the business software Fortnox already in 2001, so we can confirm that the trend of moving businesses to the cloud is an upward trend. Especially, the future development is crucial because the requirements for cloud providers are growing continuously. Plenty of new suppliers are entering the cloud market every day, so the competition is increasingly high. Providers of cloud solutions have to stand out with new and innovative products otherwise they will leave the cloud market as fast as they entered it.

Benno MailArchiv available in the Univention App Center

Benno MailArchiv is a software for the automated and revision-safe archiving of emails.

Benno MailArchiv offers an integrated full text search that allows the search for any email based on content information (sender, receiver, text) but also on text content from attachments. At the moment, more than 1,200 attachment formats, incl. PDF, office formats, etc. are supported. ZIP files will be unpacked and also fully indexed file-by-file.

Dovecot is the default IMAP/POP3 mail server in UCS

Univention integrated Dovecot as new default IMAP/POP3 mail server in UCS. This article gives a first overview about this integration.

Why Dovecot as default IMAP/POP3 server in UCS?
Dovecot IMAP Server LogoDovecot has a focus on security, stability and performance, while complying with established standards. Similarly to Postfix Dovecot starts a couple of separate processes for different tasks. The processes can be run with different owner and group permissions to limit the impact of a security incident.

Dovecot supports several backend storage formats: mbox, Maildir and dbox. In each case it uses indices to increase access performance. Their self healing and self optimizing features reduce tedious administrative intervention and simplify backups.

Bundestag Hack: Possible Backgrounds and Defense Methods

Bundestag Hack

Here at Univention, we are of course also concerned by the attack on the German parliament’s IT infrastructure, better known as the “Bundestag hack”. To recap: It appears that there were some bogus e-mails there including links to malware. A number of the Windows PCs in the Bundestag’s “Parlakom” network were or may still be infected with the malware, which is alleged to have searched for and copied certain confidential Word documents. According to a report in the Tagesspiegel (German) newspaper, this allowed the hackers to gain “administration rights for the infrastructure”. The attack was conducted as an “advanced persistent threat” or “APT attack” for short: in other words, a complex, multi-phase attack on the German parliament’s “Parlakom” IT network.

How IT systems can be taken over

There are a whole host of “classic” approaches for taking over IT systems, such as the exploitation of security vulnerabilities in the software, the interception or guessing of passwords (brute force attacks) and the cracking of password hashes. These methods are well known and it is comparatively simple to reduce the risk of such attacks’ being successful. The requisite measures are: regular, comprehensive and rapid installation of updates, encryption of sensitive data and network communication using state-of-the-art encryption standards, the use of sufficiently long passwords, logging of failed login attempts and blocking of user accounts with too many failed attempts, the use of salted password hashes (the salt converts two identical passwords into different hashes), iteration of the hash functions (rounds) and changing passwords regularly.

Working On The Go – How You Stay Productive and in Control

working-on-the-goAs manager of Univention North America, I often find myself working on the go. While free WiFi and mobile Internet are slowly bridging the gap between the office, airport lounges and hotels, connections are often slow and congested whenever many people are congregating.

While many office documents can still be worked on when on the go, synchronization with the office and collaboration with coworkers are still difficult, especially, if you have to consider questions like data and transmission security, including secure access to the company network, travel across time zones or, oh horror, the date line and slow connections.

Of course, travel needs are not the only reason, why you would want to look at these applications, for synchronization and collaboration can also greatly benefit teams that work at multiple locations or colleagues frequently working from home. In the end, nothing is worse than finding out that an employee has uploaded much of the companies confidential knowledge base to a cloud service, because tablets, smart phones or collaborations are words that the IT office can’t be bothered with.