How-To: Securing Networks with RADIUS

Many organizations and educational institutions allow users to work on their personal laptops, tablets and smartphones. Bringing Your Own Device (BYOD) is popular because it reduces the financial burden on businesses and gives users a greater freedom of choice as well as their familiar working environment. Before users connect to the school or corporate Wi-Fi with their personal devices, administrators should think about security so that the devices do not become a gateway for malware.

Secure in the Cloud – Two-Factor Authentication for Single Sign-On

Logo von privacyIDEA

Today many services are offered as web applications. This can be self-hosted systems such as ownCloud or Kopano or cloud services such as the Google G Suite / Google Apps for Work.

The number of services a user uses for his daily work is constantly increasing. So the desire for Single Sign-On is understandable. The user logs on centrally once and can then use all connected services without further authentication. The implementation of Single Sign-On was already described in more detail in the article Brief Introduction: SAML.

But in all cases, whether it is their ownCloud instance or Google G Suite, the user logs on to a web application that is available on the Internet. The login is accessible from everywhere – but also for everyone – and is therefore an interesting target for crackers, cyber criminals and industrial spies.

With the new version of the privacyIDEA SAML App companies can decisively increase the security of the Single Sign-On process.

Third Point Release of Univention Corporate Server 4.3-3

UCS 4.3-3

With UCS 4.3-3 the third point release for Univention Corporate Server (UCS) 4.3 is now available, which includes a number of important updates and various new features.

Improved configurability of the portal

The portal is the starting point for many UCS users and administrators. As described in the blog article Design the UCS Portal with Drag & Drop, you can adapt it very easily to your needs. The categories “Applications” and “Administration” were static until now. We have extended the portal so that you can now define your own categories. In addition, you can add static links to the portal, e.g. also link an imprint here.

Multi Container Support for Docker Apps for Univention App Center

Container technology Docker Logo

Since the release of UCS 4.1 in November 2015, the App Center has supported Docker apps. These are applications in the form of Docker images that are deployed by the App Center in a Docker container. To do this, the App Center downloads the Docker image of an app and starts the Docker container. We call these apps “Single Container Apps” because the App Center only supports one container per app. This functionality is sufficient for many apps.

Until now!

In the Univention App Center: OpenID Connect Provider

OpenID Connect Provider-01-01

With the development of the OpenID Connect Provider App, which we announced at the Univention Summit 2018, we have taken another important step towards making UCS a secure and open platform for managing a wide range of services.

The goal we are pursuing: All UCS users should retain full control over their data and digital identities at all times. Also they should have the greatest possible and free choice between different software applications.

Linux Programs in Windows: Just Integrate UCS in Active Directory

Our Univention App Center offers many open source applications from all areas, which you can add to your UCS environment in just a few clicks. Whether groupware, CRM or backup solution – the list of apps is growing continuously. If you want to use these applications in a Windows environment, UCS offers a particularly convenient way of doing so: UCS can be integrated with existing Windows environment, in particular, in an existing Active Directory domain.

After such an integration for which you use our app ‘Active Directory Connection’, the Active Directory (AD) continues to work as a the primary directory service, while UCS can extend the AD domain by exactly those open source software solutions that are available in the App Center.

New in Univention App Center: Apple School Manager Connector

iPads in schools

The digitisation in schools that are equipped with UCS@school continues to progress rapidly. Many school authorities and federal states are providing schools with mobile terminals for use in the classroom. Apple’s iPads in particular are in demand. The devices are robust, easy to use and affordable. They are also equipped with a large number of special apps for digital education.

While iPads are usually tied to a single user, there is one exception for schools with the so-called shared iPads: Students authenticate themselves with their credentials and can thus access personal data, homework, apps, books, etc. This not only saves costs but in combination with mobile device management also a lot of time, as teachers can manage the contents centrally.