Beyond Facebook – Safe Social Networking for Schools with HumHub@school

The JOBELMANN-SCHULE – Berufsbildende Schulen I Stade vocational school developed its own social network for teachers and the school administration. Open Source made it possible to set it up in a manner that complies with the latest data privacy regulations, and the use of Univention Corporate Server for the basis also makes it easy to administrate.

The JOBELMANN-SCHULE in Stade has around 2,250 students, almost two thirds of which attend part-time while they complete vocational qualifications. There are 130 members of staff on site offering instruction in more than 20 careers requiring practical training. E-mail communication between the staff and students has long been handled by the groupware “Tine 2.0”, which is based on Univention Corporate Server and which we introduced some time ago with the support of the Hamburg-based company Files Per Hour. However, the majority of faculty members also wanted to offer the students a means of communicating with them outside of class. To this end, they began looking for a platform that spoke to the young people: a social network.

Every knows e-mails, but students are now using this communication channel less frequently and intensively. In addition, many solutions are not secure. In contrast, they do use Facebook, WhatsApp, etc., intensively. Those applications are out of the question for use by a school though, as there is absolutely no guarantee for the protection of personal data. For data privacy reasons, the official use of such networks is also explicitly forbidden for schools in the majority of the German states.

How UCS synchronizes Linux/Windows IT Infrastructures with Samba AD

The central management of a heterogeneous network has always been UCS’ strength. This was our goal from the beginning to provide a platform that bridges the Linux/Windows worlds. But how does the synchronization between UCS and Microsoft Windows actually work? The problem is that Windows doesn’t speak the same language as UCS. They don’t support the standard-compliant LDAP protocol that allows the communication between the server and clients in UCS. Microsoft has chosen a different approach for its Active Directory.

Let me explain you today which exact technologies we introduced in Univention Corporate Server to provide a solution to this problem. Among other things, I give you details about the replication process via listener/notifier for OpenLDAP, DRS replication for the Active Directory and the Univention S4 Connector, which synchronizes between Microsoft Windows and Linux.

1 Password for All Services and Networks with Single Sign-on

Single Sign-on in UCS at management console

Single Sign-on (SSO) is a process where your users authenticate themselves only once against the system and that’s it. They can then use a whole range of different programs, services, and cloud offerings without having to sign on personally each time again. Your users will love it. No more hassle with inventing and remembering numerous different passwords.

But single sign-on is not only about user friendliness. Another important aspect is, of course, the security of your data. When you’ve got a complex IT infrastructure, which includes mobile apps and devices and cloud services, the security risk increases a lot.

This is why I would like to explain here how you can catch two birds with one stone: Making work easier for your employees with single sign-on technology while keeping your data safer from external attacks at the same time.

Release of UCS 4.3-1: Various Security Updates and Usability Improvements

We released UCS 4.3-1, the first point release for Univention Corporate Server (UCS) 4.3. In addition to a number of security updates, it also brings various new features.

The diagnostics module of the Univention Management Console (UMC), for example, now provides further functional tests. These help administrators to check the “health” of the server and the entire domain. In addition, UCS 4.3-1 has improved its usability, for example with regard to the configuration of e-mail addresses or DNS settings. Furthermore, the integration of very large LDAP scheme extensions and the start of the LDAP server on DC backup and DC slave systems now work much more stable.

Setup of a Collaborative Workspace for a Globally Operating Team with UCS as the Central IDM System

Screenshot of the website of SOLARKIOSK

In this success story, you can find out how we set up a collaborative workspace for SOLARKIOSK AG, a company offering green energy services, high-quality products, and sustainable solutions all over the world. This workspace allows all members of the team to work and communicate with each other from anywhere and at any time – efficiently, reliably, and securely.

Automated Maintenance of Linux Desktop Clients in the UCS Domain with opsi

Grafik über Nutzerdownload

The well-known open source client management system opsi can not only deal with Microsoft Windows clients but also with Linux. As Univention announced the discontinuation of Univention Corporate Client (UCC), I want to present you opsi as an alternative for the fully automated installation, maintenance and inventory of Linux desktop clients in your domain. In addition, opsi can also do the same for complete Linux and UCS systems.

In the following, I explain you briefly how this works.

Setup of an Efficient IT Infrastructure with Central Identity Management in 261 schools in Cologne

A large-scale project is currently under way in Cologne, Germany: the setup of a standardized, centralized identity infrastructure for all schools. This is set to include considerable simplification of the software distribution and the administration via the education authority over the coming years and measures to ensure that the schools in Cologne are ready for the digitalization of education.