UCS Identity Management Manages Mail Platform With Over 30 Million Users

US Mailboxes

More than two years after the start of one of the largest projects in which Univention has been involved to date, a new mail platform with over 30 million managed end users finally went online in late 2016. UCS takes care of the identity management duties for all the user accounts.

I first reported on the challenges of the project almost a year ago in the article How can OpenLDAP with UCS be scaled to over 30 million objects?. However, it is now no longer a “gray theory” – the project has now gone live and the LDAP has had to cope with the strain of thousands of accesses every second in real time ever since.

Today, I would like to provide you with an update and share with you some of our most important findings from the going live process.

Facilitate Your Work by Integrating Listener Modules in UCS

Graphic Listen to me!

Listener modules support you in your administrative work by synchronizing and controlling all changes in the UCS’ OpenLDAP Einacross all connected services – Learn how to build and use them!

You are surely using a variety of (cloud) services in your organization and, if required, these services will make changes to your directory service, either Active Directory or OpenLDAP. In heterogeneous environments, where UCS is typically used, the question is, how can service A notice the changes that service B has made to certain objects in the directory, and that are relevant to both services? For example, when a new printer has been added to the network, and has joined the UCS domain, the list of printers is updated in the configuration file of the printer service (CUPS) and the service reloaded.

Secure Operation of Existing Applications in the Corporate Environment with Open Source Tools

Last year I submitted my Master’s thesis titled “Secure Operation of Existing Applications in the Corporate Environment with Open Source Tools”, and successfully earned my degree in IT from Bremen University of Applied Sciences. My research focused in particular on the differences and the security-related advantages/disadvantages of server virtualization compared with operating system virtualization, which had undergone much less intense testing at the time.

As I can imagine that this is a topic which will also be of interest to some of you too, I decided to summarize the most important findings of my work here:

Ansible Modules for the Automation of UCS-Specific Tasks

Ansible Logo

As a long-term Univention partner, we at Adfinis Sygroup operate UCS environments for many of our customers. We employ Ansible for automation when running different Linux distributions as it standardizes the roll-out of UCS among other things.

Up until now there weren’t any Ansible modules available for UCS-specific tasks. To remedy this, we developed modules based on the standard script interface of Univention Directory Manager for recurring tasks in the maintenance of the directory service with the goal of simplifying the process. These currently include the following:

udm_group
udm_user
udm_dns_zone
udm_dns_record
udm_share

These modules are included in the Ansible extra modules as of Ansible Version 2.2 and can be used accordingly with Ansible, as can other modules. If additional Ansible modules are developed in the future (and not yet included in Ansible itself), it will be possible to add them to individual projects. The following offers a brief explanation of how these additional Ansible modules can be installed and then provides a brief introduction to the modules listed above.

Cool Solution Moodle – For Cooperative Learning

Moodle Logo

What are “Cool Solutions”?

Cool Solutions is the name we use to describe Univention solutions which expand UCS with practical, advantageous functions and which we successfully employ for our customers. These solutions are regularly showcased in the Univention Wiki in the form of Cool Solutions articles.

In this article I would like to introduce the learning platform Moodle and its interface with UCS. At the end of this article you can also find an interview we conducted with the Chemnitz education authorities, which are currently implementing Moodle in a number of the city’s schools.

How to Integrate with LDAP: “Generic LDAP Connection”

LDAP

In the blog article series “How to integrate with LDAP”, we introduce a whole range of different options and possibilities for how the LDAP provided by UCS can be expanded or used in cooperation with other services.

In the first section of this article, “Typical Configuration Options”, I will be using an example to demonstrate the sort of information typically required to perform user authentication against the UCS LDAP. I will be taking you through the necessary configuration steps using the project management system Redmine as an example, as this requests all the typical information.

In the second section, “Types of Search Users”, I will go into more detail on the possibilities available to you if it is not possible to search through the UCS LDAP anonymously.

If you are not all that familiar with the topic of LDAP yet, I would recommend you read our blog article: Brief Introduction: What’s Behind the Terms LDAP and OpenLDAP? first of all.

How can OpenLDAP with UCS be scaled to over 30 million objects?

Serverschränke mit Zahnrädern im Vordergrund

The majority of the environments in which UCS is employed include anywhere from a couple of dozen users up to several thousand – sizes which can be directly implemented with the standard configuration of UCS. In the systems operated by the education authorities we see a leap to between 10,000 and 100,000 users – in this case, the UCS@school concepts allow functioning scaling.

Even including groups, hosts, and other LDAP infrastructure objects in the calculations, these environments rarely exceed 200,000 objects. But what happens when an environment with more than 30,000,000 objects needs to be administrated in LDAP?

Univention App Center presented

Univention Corporate Server Logo

In this video tutorial we give you a short introduction into the Univention App Center. The App Center is a central feature of Univention Corporate Server which allows you to easily install and manage additional UCS components and business applications of third-party vendors. You can thus adjust your IT infrastructure to your personal needs at any time. One crucial and great benefit of the App Center is the central management of all apps including their users via the UCS management system.

More on this in the following video!

Cool Solutions – Guacamole…Not Just a Dip!

What are “Cool Solutions”?

Cool Solutions is the name we use to describe Univention solutions which expand UCS with practical, advantageous functions and are also sometimes employed by our customers. These solutions are regularly presented in the Univention Wiki in the form of Cool Solutions articles.

In a new series of articles, we want to introduce you to the five most popular “Cool Solutions” over the next few weeks. Today we are starting with Guacamole – and no, we don’t mean the tasty Mexican dip this time.

Page 1 of 3123