Release UCS 4.3: Easy administration of portal pages, higher performance and single sign-on for apps

With UCS 4.3 we have integrated numerous security updates – most recently the Samba 4 update of March 13 – and closed hundreds of bugs. But not only, we also focused, among other things, on a significantly higher performance during data import and more convenience in the administration of portal pages or users, for example. In addition to an efficient and easy management of UCS, it was also important to us to create a positive user experience with UCS. Here, worth mentioning milestones are certainly a single sign-on during login to Windows or Linux desktops, which in parallel allows access to the Univention Management Console, Office 365, and ownCloud or Nextcloud, just to name a few of the improvements.

With UCS 4.3 we took another resolute step in the development of UCS into an open platform for IT operations and management in enterprises – whether it is a small organization with just a few users or organizations with hundreds of thousands of users.

Critical Security Update for Samba Published

Logo Samba

The Samba team discovered a critical vulnerablity in the access control of Samba/AD domain controllers. Any authenticated user can change other users’ passwords over LDAP including the passwords of the administrators.

We strongly advise to install the updated Samba packages for all UCS versions currently supported (from UCS 4.1-5 and UCS 4.2-3) which we have distributed today via the usual errata update channels.

Brief Introduction: How Can UCS Systems Be Updated Automatically?

Like any operating system manufacturer, Univention usually publishes weekly updates. As an administrator, you want to install them as soon as possible. However, in large UCS environments with many connected servers, manual updates can take a lot of time, which is not always available every week. The easiest way to reduce such a big workload is to automate the task by using policies.

In the following, I want to explain how you can set up an automated update of UCS systems by using the policy ‘maintenance settings.

Module System Diagnostic: Your Problem-Solving Assistant in UCS

Foto von Errormeldung

With the UCS module System Diagnostic you can easily analyze the system for existing or potential problems in your UCS instances. Initially, the module contained six different verification options. Today, there are already 54 available to help you ensure the smooth operation of your IT system by identifying disruptions and providing corrective solutions.

Below we give you a brief understanding of the benefits and operation of this tool. At the same time we would like to invite you to give us feedback. Our wish is to continuously optimize and extend the system diagnostic for you. So let’s get started.

Errata Updates for Spectre and Meltdown Problems

Developers at Google have discovered a problem with processors of several different CPU vendors, which can be exploited by software. Due to these security vulnerabilities, unauthorized users may gain access to supposedly protected memory areas.

These problems, known as “Spectre” and “Meltdown”, are specified by the CVE (Common Vulnerability and Exposures) numbers: CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754. Apparently some of these problems affect most CPUs made by Intel, but also by AMD and ARM, regardless of the operating system in use.

We are currently working hard to provide errata updates for UCS to fix the problem. The current status and links to the errata can be found in the Univention Forum.

Univention Corporate Server 4.2-2 released

One of the highlights of the second point release of Univention Corporate Server (UCS) are the significant enhancements UCS 4.2-2 offers for managing services and apps that are hosted in public cloud services such as the Amazon Marketplace. Services installed on UCS can now be accessed directly without any further configuration effort. Our development department has extended access to these services via the UCS Portal by converting the links to relative links. For portal entries for which there are several links, heuristic procedures determine the best link.

UCS Identity Management Manages Mail Platform With Over 30 Million Users

US Mailboxes

More than two years after the start of one of the largest projects in which Univention has been involved to date, a new mail platform with over 30 million managed end users finally went online in late 2016. UCS takes care of the identity management duties for all the user accounts.

I first reported on the challenges of the project almost a year ago in the article How can OpenLDAP with UCS be scaled to over 30 million objects?. However, it is now no longer a “gray theory” – the project has now gone live and the LDAP has had to cope with the strain of thousands of accesses every second in real time ever since.

Today, I would like to provide you with an update and share with you some of our most important findings from the going live process.

First point release of UCS 4.2 published

With UCS 4.2-1 the first point release for Univention Corporate Server 4.2 is now available.

It includes various detail improvements and error corrections. Some of the most important changes are:

  • The forwarding of e-mails per each mail user can now be saved in the UCS management system.
  • Improvements in changing the password in the Univention Management Console: From now on, also users from a Microsoft Active Directory domain can change their expired passwords. In addition, more hints are now displayed if the password change should fail.
  • The possibilities for IPv6 (Internet Protocol Version 6) configuration have been improved in various services, for example in the Nagios or proxy server configuration and in the UCS management system.

Facilitate Your Work by Integrating Listener Modules in UCS

Graphic Listen to me!

Listener modules support you in your administrative work by synchronizing and controlling all changes in the UCS’ OpenLDAP Einacross all connected services – Learn how to build and use them!

You are surely using a variety of (cloud) services in your organization and, if required, these services will make changes to your directory service, either Active Directory or OpenLDAP. In heterogeneous environments, where UCS is typically used, the question is, how can service A notice the changes that service B has made to certain objects in the directory, and that are relevant to both services? For example, when a new printer has been added to the network, and has joined the UCS domain, the list of printers is updated in the configuration file of the printer service (CUPS) and the service reloaded.

Univention Corporate Server 4.2 Released: Improved Operating Concept and lots of New Technology under the Hood

Univention Management Console in UCS 4.2
The most striking new feature of the Univention Corporate Server 4.2 release is the significantly further developed operating concept for all users – not only for the administrators, but also for the end users. In addition to new features such as the online portal, this is due to the smoother interface, faster ways to overview deployed resources and improvements in the management system.

In the past months, our development department has worked intensively on bringing all the important UCS components to the latest state-of-the-art.

Page 1 of 712345...Last »