The ninth patch level release for Univention Corporate Server (UCS) 5.0, UCS 5.0-9, is now available. This release contains all errata released since version 5.0-8, including important bug fixes and security updates for components such as Python, systemd, Apache, the Linux kernel as well as numerous Univention in-house packages.
Univention Corporate Server 5.0-9 can be installed via the “Software Update” module or downloaded from the Univention download area.
OpenID Connect for Single Sign-On in the Nubus Portal
Single Sign-On (SSO) is a central element of integrated identity & access management (IAM). The Nubus Identity Provider already supports the most important protocols, SAML and OpenID Connect (OIDC). With Univention Corporate Server 5.0-9, OIDC is now also available for the UCS web interfaces, in particular the portal and the Univention Management Console (UMC).
In addition to the migration to the newer SSO mechanism, OIDC in UCS 5.0-9 enables new functions such as the “Backchannel Logout”, which supports a Single Logout (SLO) without user interaction. To improve the user experience, an automatic update of the portal content in all open tabs after a logout ensures that the logged out state is displayed correctly everywhere.
Improved Selective Synchronization in the AD Connection
The Active Directory Connection synchronizes users, groups and computer objects between Nubus and Active Directory (AD). With UCS 5.0-9, selective synchronization has been fundamentally revised. It now enables flexible control of the synchronized objects on the basis of Allow and Deny filters, both at the level of entire subtrees and individual object types.
The improved selection ensures that only the desired objects are synchronized, which avoids unwanted entries on both sides and minimizes manual effort.
New Linux Kernel 5.10
Univention Corporate Server 5.0-9 also contains an update to the Linux Kernel 5.10, a long-term release that replaces the previous Kernel 4.19. The focus of this update is on improved stability and performance of file systems, support for newer hardware components and the implementation of security-relevant functions. As support for Kernel 4.19 expires at the end of the year, this upgrade is essential.
Patch Level Releases Every Three Months
Univention Corporate Server 5.0-9 is now available and can be installed immediately. Security updates for UCS 5.0-8 will continue to be provided for the next 12 weeks. However, administrators of UCS 5.0-7 should update now as maintenance for this version has ended.
The next patch level release, UCS 5.0-10, is expected to be released in early to mid-December.
More information can be found in our release notes and in our help article on installation.