Starting signal for the Sovereign Administrative Workplace

Startschuss souveräner Verwaltungsarbeitsplatz
A huge opportunity for digitalization of not just the administration!

Last week, the project “Sovereign Administrative Workplace” was officially launched at the Federal Ministry of the Interior and in the presence of the Federal CIO State Secretary Markus Richter: Working together with Dataport and a number of other manufacturers from the open source ecosystem, Univention is developing the software for the administrative workplace of the future.

Samba: Backup and Restore on UCS

Backup & Restore UCS
Do you administer any Windows machines in your UCS domain? Do you also use Samba to provide an Active Directory-compliant domain controller with a login service for the Windows clients? If the answer is yes, you may have wondered what backup and restore strategy is best suited for your environment. What data do you need to back up? How do you go about restoring a single domain controller (DC) in the event of an emergency? And what to do if the entire domain is affected by a failure?

New UCS training program

Neues Schulungskonzept 2021
The Univention Corporate Server (UCS) technical training has long been an established and essential part of our service portfolio. It ensures the successful use of our products UCS and UCS@school in organizational IT. In a two-day seminar, our customers received a detailed introduction to UCS. They learned about its administration and configuration and were able to consolidate their knowledge with the help of practical exercises. Further, they could ask questions about their individual use.

How does Single Sign-on work?

OpenID Connect SAML SSO

Single sign-on (SSO) is an authentication process which allows users to log in to many different applications with only one set of credentials. They enter their username and password once and are automatically granted access to all programs and services which have been made available to them. After they have authenticated successfully for the first time, the SSO mechanism takes over and handles the authentication to all the other services.

Automatically manage Samba Shares in UCS and UCS@school

UCS Samba Freigaben
Whether you want to share files, printers or other services in your network – the Open Source software suite Samba is an incredible powerful tool which brings Linux, Windows and macOS client computers together. Samba can manage shares for users and groups, and since version 4, Samba can also take on the role of an Active Directory Domain Controller and thus replace the Windows directory service in a domain.

How to integrate with LDAP – Example Redmine

In the blog article series “How to integrate with LDAP”, we introduce a whole range of different options and possibilities for how you can use LDAP provided by UCS to expand or use in cooperation with other services.

In the first section of this article, “Typical Configuration Options”, I will be using an example to demonstrate the sort of information typically required to perform user authentication against the UCS LDAP. I will be taking you through the necessary configuration steps using the project management system Redmine as an example, as this requests all the typical information.

In the second section, “Types of Search Users”, I will detail the possibilities available to you if it is not possible to search through the UCS LDAP anonymously.

An introduction to DNS and its relationship with Univention Corporate Server

This article is about the Domain Name System (DNS) and explains how the “Internet’s telephone book” works. Alongside the fundamental details of name resolution on the Internet, we also look at special topics like administering DNS records in dynamic environments and debugging DNS setups during operation. We look at it within the technical framework of Univention Corporate Server, because it contains not only a dyed-in-the-wool DNS server, but also diverse tools to make managing DNS records significantly easier.

LDAP replication: ensuring fail-safe performance and reasonable load distribution

Server in use

It is well-known among IT staff members: the administration tasks (for multiple applications and depending access rights) which apply even with a small amount of users can prove to be very time-consuming. With possible changes of responsibilities or the joining of new staff members, chances are high that uncontrolled growth arises quickly within the IT infrastructure. And not only does this procedure take a lot of time, but it also endangers the security of your system after a while. A common consequence: the administration of users and their access rights becomes a nuisance and tends to get neglected. If not taken on in due time, this problem grows in parallel with the company and will, eventually, cause quite a bit of trouble. To get back in charge as soon as possible, it is recommended to establish a centralized user management in the shape of an Identity Management System.
Quite often, the so-called LDAP directory service (which we have also integrated in UCS) is the core of the identity management system. Meaning „Lightweight Directory Access Protocol“, it rather describes „only“ the protocol itself, even though users tend to adress „the LDAP“, while in fact talking about the LDAP directory service.