In December we will open the beta release of UCS 5.0 to the public. For users who have been using UCS for a longer period of time, the renaming of the system roles in particular will bring a significant change, which will be visible in the beta release. In addition to the removal of known terms of discrimination (“master” and “slave”), we would like to use new names in order to reflect the central functionality of our new system in the respective names. In the following, I will introduce the new naming for the system roles and explain the goals we are pursuing with it.
Almost exactly one year has passed since the announcement that we are working on UCS 5.0. Since then, we have been very busy and made some important steps towards making UCS a future-proof platform. In December 2020, we intend to make the first results publicly available in a Beta Release. In this article, I would like to give you a first taste of the exciting new features that UCS 5.0 will bring.
Connecting Ubuntu and Linux Mint Clients to UCS Domains: New Version of the Univention Domain Join Assistant
The tool offers a graphical user interface and a command line tool for admins who prefer to work on the shell. We have just released a new version of the Domain Join Assistant that comes with various improvements and supports the latest Ubuntu and Linux Mint versions. In this article I’m going to show you how the tool works and I’m going to introduce the new features.
Release UCS 4.4-5 brings improvements in Single Sign-on, Self Service, more performance for LDAP and compatibility with Python 3
Version 4.4-4 of Univention Corporate Server (UCS) comes with some cool new features, one of them being the new AD Connector app. It makes the synchronization of password hashes between a Microsoft Active Directory domain and a UCS domain significantly more secure and less error-prone. While previous versions could only synchronize NTLM hashes, the AD Connector of UCS 4.4-4 also reads newer hashes, the so-called Kerberos keys which allow single sign-on (SSO) to different applications.
I am a second-year trainee at Univention (job description: IT specialist for application development). I was involved in the development of the new feature and mainly had to deal with three tasks: the AD Connector itself, the OpenLDAP overlay module, and the S4 Connector (Samba). In this blog post I’m going to explain what Kerberos hashes are and how I implemented the new feature.