Univention Blog

The debate around Digital Sovereignty is often framed as a contest between the United States and Europe, yet the underlying issue resonates far beyond these regions. Around the world, countries seek measurable control over government IT systems and data infrastructures while safeguarding citizens’ privacy and civil society. Their shared goal is to reclaim autonomy in [...]

The latest Nubus for Kubernetes release improves observability: a new API endpoint provides metrics for operator dashboards, and additional information in the Management UI gives operators and administrators easy access to information that helps prevent or analyze incidents. Univention Directory Manager Metrics The REST API of the Univention Directory Manager (UDM) now includes a new [...]

Attacks on open source projects have become the norm and therefore also threaten the supply chain of Univention products. To ensure the necessary security and transparency, we rely on signatures, SBOMs and VEX in Univention Nubus. The benefits behind these approaches are explained below. Motivation: Risk Management of Operated Software The “supply chain” of a [...]

With the release of Nubus for Kubernetes 1.19, we have deliberately focused on security updates. In addition to patches for recently discovered vulnerabilities, we have significantly expanded our “VEX” information in particular, in order to make our handling of potential security issues more transparent and better usable for automated evaluations. You can learn more about [...]

Running administrative accounts and regular user accounts in the same directory is common in many environments – but separating them can significantly improve security. With Delegative Administration and Just-in-Time Authentication, UCS cleanly separates roles from identities. The result: less ACL complexity, clearer structures, and a more modern approach to administration. In many IT environments, this [...]

The classic IAM task – simple, secure, and centrally managed Almost every organization faces the same challenge: employees work with a wide variety of applications – specialized software, collaboration tools, cloud services, and internal systems. Access should be as simple as possible for users, while the organization needs control over who can access which data [...]

The first patch-level release of the year bundles all new features from the past three months onto new installation media – and therefore includes highlights such as the automatic restoration of accidentally deleted users in Active Directory and Samba 4 as well as the Nubus Provisioning Service. Provisioning Service for UCS The new Provisioning Service [...]

With version 1.18, we are releasing the second Nubus for Kubernetes update of this year. The focus of this release is to reduce dependencies on specific conditions within a Kubernetes cluster, making Nubus easier and more flexible to deploy. Free Choice of Ingress Controller The “Ingress Controller” in a Kubernetes cluster manages access to the [...]

Maintenance for UCS 5.0 has ended as announced. This marks the end of the regular support period for this version – and it is the right time to move to the current release. We recommend upgrading to UCS 5.2 so that you continue to receive regular updates, security fixes, and a modern platform. Maintenance for [...]

With this blog post, I am starting a new series in which I present the updates of the roughly monthly Nubus for Kubernetes releases. We begin with a look back at version 1.17, which was released at the end of January and brings many improvements for Nubus operators – including the new Structured Logging format [...]