Our first point release of UCS 4.4 includes all minor improvements and bugfixes of the Errata updates released over the past months, but it also brings some exciting new features.
Univention Directory Manager (UDM): More performance, improved functionality and a new REST API as beta version
There are significant performance improvements for managing the contents of the directory service via UDM, especially for application scenarios with complex structures. There have also been further minor improvements in DNS management, where the search for IP addresses is now enabled in further modules, as well as in the use of standard containers of domain controller objects.
A brand new feature is the REST API for UDM, which considerably facilitates the integration of UDM with other applications. This REST API has been released as beta version for the time being. After further tests and improvements we plan to release a stable version in autumn.
Adaptation of app logins via CSS Stylesheets – easier configurability of the portal – new app recommendation system
The UCS Portal is the central point through which users have easy access to all IT applications in their environment. Administrators already had various options at their disposal to configure and design the portal page with their own look and feel. New configuration options have been added for custom stylesheets (CSS), which allows UCS administrators to provide the central user login and self services with an own individual layout. Self services allow users not only to reset their password, but also to adjust the information in their user account themselves.
Also new for the UCS Portal are enhancements in user guidance. Administrators can now configure whether web-based IT applications linked in the portal should be opened in the same tab or in a new tab. In addition, for the login at the portal or at single sign-on capable applications, e.g. the UMC, made-available there, they can configure the session timeout of SAML much easier.
The most obvious change is certainly the new app suggestion system in the Univention App Center.
Based on the apps already installed in the UCS environment, administrators receive recommendations for suitable supplementary apps. These recommendations are based on the most common already existing combinations, e.g. the combined use of apps like Nextcloud or ownCloud with the app Let’s Encrypt. Another improvement was the handling of interruptions during updates in the App Center.
Windows Profile, AD Connector Scenarios and Samba 4 Connector Configuration
UCS 4.4-1 also brings a whole range of improvements to the area of Windows Services. Thus there are changes in the integration of Samba when dealing with server-side Windows profiles, in that the respective paths are now hidden in the file share, so that users no longer damage their profile unintentionally.
We have simplified the authentication between workstations of the AD domain and UCS file services on member servers when using UCS file servers in an AD Connector environment, which had not been possible as usual after the update to Samba 4.10. These improvements are also available for UCS 4.3.
Also new: In the extended configuration of the connector between UCS LDAP and Samba 4 via Univention Configuration Registry there is now the option to exclude subtrees of the LDAP directory from synchronization. The previously required adaptation of the configuration files is no longer necessary.
News from Univention Apps OpenID Connect and UCS@school
There are also news about the apps we maintain ourselves. A stable version of the Open ID Connect App is now available in the App Center, offering extended configuration options. In addition to SAML, Open ID Connect provides another option for a single sign-on to web services.
We have also updated our app UCS@school. One focus has been on the extension and hardening of the exam mode. There are new functions in the area of exporting class lists. And with the installation media of UCS 4.4-1 there is now an additional check within the installation of UCS systems that supports you during the installation of “UCS@school site servers”.
Further Information & Future Outlook
The altogether 184 errata updates which we have released since the release of UCS 4.4-0 contain – apart from security updates – many further new features that we have not yet mentioned. By improving the support of the NUMA architecture, we have boosted the performance of virtualization with large virtual machines. The IMAP services provided by Dovecot can now also be secured for multiple domain names via SNI. And in the area of LDAP replication, we have provided new tools to ensure performance in large environments.
Some of the updates that are included in this release have encompassed work that is aimed at preparing future developments:
Among other things, we are working on the step-by-step migration to Python 3, extensions for the synchronization between OpenLDAP and Samba4 and additional functions for the Office365 Connector.
With UCS 4.4-1, we have again been able to put together an extensive collection of improvements, but as always, we have many more ideas that we want to implement with UCS. What are your wishes and suggestions for the next releases? – give us your feedback, here in the blog or on help.univention.com!
UCS 4.4-1 release highlights at a glance:
- “Branding” for login and self service through configurable stylesheets
- Substantial performance improvements of the Directory Manager in environments with complex LDAP structures
- Suggestion system for supplementary apps in the App Center
- Preparing migration to Python 3
- UDM Rest API BETA
- UDM: Search for DNS records by IP address
- Better Browser Cache Control for the web interface
- Target of links (here or new tab) can be configured for the portal
- New configuration options for SAML session timeout
- Improved error processing for upgrade issues in the App Center
- New / improved tools for new replication, e.g. univention-translog-prune
- “cn=monitor” statistics can be activated for OpenLDAP
- Support for file services on member servers in AD Connector environments
- Hide Windows profiles in $HOME shares
- SNI Support for Dovecot
- Activation of NUMA support in libvirt / UVMM
- Implementation of the new configuration routines for Microsoft Office 365
- Update of the OpenID Connect App to the current Kopano Connect version and better configurability of the OIDC Provider DNS name
A complete list of changes to UCS 4.4 can be found in our Release Notes.
Download UCS 4.4-1 now