By default, UCS users can enter the password incorrectly any number of times without being locked out by the system. In order to make brute force attacks to crack passwords more difficult, admins can set up an automatic lockout that prevents an account from being accessed after a user-defined number of failed attempts.
Univention Corporate Server offers several methods for authentication and authorization. In this blog article I will show you how to log failed login attempts to the system via PAM stack, OpenLDAP and Samba respectively and how you as an admin can set a limit for the number of unsuccessful logins.
Policies can, for example, be used to specify a minimum length or to require users to change passwords regularly. In addition, Univention Corporate Server provides a quality check that forces the use of a certain number of numbers, special characters, uppercase and lowercase letters in passwords. This article presents some tips and tricks for setting up a good password policy in an UCS domain. We also show what variables can be set in the Univention Configuration Registry to optimize the whole thing. If you are using Samba in your environment, this article will also explain how to adjust the password requirements for the Samba domain object to those of the new policy.
Web Proxy and “Shalla List” for Access Rules to External Websites and Higher Performance at the Same Time
The web proxy, which is a central component of UCS@School, is used to improve performance and control data traffic. In this blog article I’ll show you how to configure Squid Proxy with SquidGuard and how to combine both with existing (youth protection) website filters. And with the “Shalla-List-Downloader” I would like to present you a Cool Solution, with which you can further round off this protection and which we have already successfully implemented in various school projects.
More Services, More Space, Less Downtime?
Anyone operating IT services for companies or organisations will sooner or later be confronted with this: everything is growing, you need more space for data and virtual machines, at the same time the demands for the availability of services are increasing and the hardware servers also need to be maintained.
Classic solutions for available storage such as NAS (Network Attached Storage) and SAN (Storage Area Network) systems are often expensive and just as often proprietary – and therefore not necessarily the basis you want to build your own IT infrastructure on as part of an open source strategy.
Video Tutorial: Integrating Ubuntu Clients into the UCS Domain with Univention Domain Join Assistant
Anyone who frequently participates in them knows that nothing is more disturbing than distorted scraps of conversation and lagging interlocutors. A flawless transmission, however, enables employees to focus on the essential topic and exchange information about it, even in a digital environment. It adds up to a good feeling keeping control of the data when discussing internal company information or when talking to customers.