LDAP replication: ensuring fail-safe performance and reasonable load distribution

Server in use

It is well-known among IT staff members: the administration tasks (for multiple applications and depending access rights) which apply even with a small amount of users can prove to be very time-consuming. With possible changes of responsibilities or the joining of new staff members, chances are high that uncontrolled growth arises quickly within the IT infrastructure. And not only does this procedure take a lot of time, but it also endangers the security of your system after a while. A common consequence: the administration of users and their access rights becomes a nuisance and tends to get neglected. If not taken on in due time, this problem grows in parallel with the company and will, eventually, cause quite a bit of trouble. To get back in charge as soon as possible, it is recommended to establish a centralized user management in the shape of an Identity Management System.
Quite often, the so-called LDAP directory service (which we have also integrated in UCS) is the core of the identity management system. Meaning „Lightweight Directory Access Protocol“, it rather describes „only“ the protocol itself, even though users tend to adress „the LDAP“, while in fact talking about the LDAP directory service.

ONLYOFFICE Docs: brand new name and big updates for spreadsheets

ONLYOFFICE Docs V6.0

ONLYOFFICE is a collaborative office suite for working with text documents, spreadsheets and presentations in UCS. It is combined with Nextcloud, ownCloud, or Seafile and installed from Univention App Center casually (Docker-based) or as a pre-configured virtual appliance. You can also integrate it in UCS LDAP to manage all users.
In this article I’d like to tell you about the latest major update that brings a new name for ONLYOFFICE online editors as well as long-awaited features for spreadsheets.

Farewell to “Master” and “Slave”: new names for system roles in UCS 5.0

UCS 5.0 Beta Release

In December we will open the beta release of UCS 5.0 to the public. For users who have been using UCS for a longer period of time, the renaming of the system roles in particular will bring a significant change, which will be visible in the beta release. In addition to the  removal of known terms of discrimination (“master” and “slave”), we would like to use new names in order to reflect the central functionality of our new system in the respective names. In the following, I will introduce the new naming for the system roles and explain the goals we are pursuing with it.

Film Tutorial: How to Use User Templates in UCS

With user templates, Univention Corporate Server (UCS) offers a proven instrument to minimize the effort of IT admins. Who doesn’t know these slight doubts: Does the e-mail address of the new intern have the correct syntax? Has the new colleague been added to the right user group? The user templates help to dispel these and similar doubts and create user accounts consistently. This saves time and ensure that no important attributes and settings are forgotten.

UCS 5.0 status update: Beta Release in December 2020

UCS 5.0 Beta Release

Almost exactly one year has passed since the announcement that we are working on UCS 5.0. Since then, we have been very busy and made some important steps towards making UCS a future-proof platform. In December 2020, we intend to make the first results publicly available in a Beta Release. In this article, I would like to give you a first taste of the exciting new features that UCS 5.0 will bring.

LDAP: Last logon timestamp recordings with UCS

In relatively many UCS environments, system administrators have not yet developed consistent processes for detecting, deactivating or deleting inactive user accounts. Over the years, accounts that have not been used for a long time accumulate in the LDAP directory. At Univention, we have developed a new UCS extension on behalf of a customer, which helps to detect such unused accounts. The Lastbind-Overlay-Module and a new Python script detect inactive accounts on LDAP servers, even in large environments with several LDAP instances and distributed system roles.

Cloud Office: Open Source is the better solution

These days, a modern workflow includes fast coordination processes in teams that should also function independently of time and location. For this type of collaboration, it is essential that all team members can edit documents together without conflicts due to different file versions or endless and tiring comment loops. In this article I’d like to show you two examples which represent open source alternatives to cloud office solutions from known software giants.

UCS Samba/AD: How to establish trust with native Microsoft Active Directory domains

Logos von UCS und Windows mit verbindenden Pfeilen

Establishing a trust relationship means giving users of a domain access to the resources of another domain. In some situations this can extend the options for identity management. In the following example, I will refer to the interaction between Samba in UCS and Microsoft Windows. I will explain in detail how a so-called trust relationship can be configured and what the current state of implementation is.