How UCS synchronizes Linux/Windows IT Infrastructures with Samba AD

The central management of a heterogeneous network has always been UCS’ strength. This was our goal from the beginning to provide a platform that bridges the Linux/Windows worlds. But how does the synchronization between UCS and Microsoft Windows actually work? The problem is that Windows doesn’t speak the same language as UCS. They don’t support the standard-compliant LDAP protocol that allows the communication between the server and clients in UCS. Microsoft has chosen a different approach for its Active Directory.

Let me explain you today which exact technologies we introduced in Univention Corporate Server to provide a solution to this problem. Among other things, I give you details about the replication process via listener/notifier for OpenLDAP, DRS replication for the Active Directory and the Univention S4 Connector, which synchronizes between Microsoft Windows and Linux.

Setup of a Collaborative Workspace for a Globally Operating Team with UCS as the Central IDM System

Screenshot of the website of SOLARKIOSK

In this success story, you can find out how we set up a collaborative workspace for SOLARKIOSK AG, a company offering green energy services, high-quality products, and sustainable solutions all over the world. This workspace allows all members of the team to work and communicate with each other from anywhere and at any time – efficiently, reliably, and securely.

Automated Maintenance of Linux Desktop Clients in the UCS Domain with opsi

Grafik über Nutzerdownload

The well-known open source client management system opsi can not only deal with Microsoft Windows clients but also with Linux. As Univention announced the discontinuation of Univention Corporate Client (UCC), I want to present you opsi as an alternative for the fully automated installation, maintenance and inventory of Linux desktop clients in your domain. In addition, opsi can also do the same for complete Linux and UCS systems.

In the following, I explain you briefly how this works.

Guide to Your Private UCS Server with ownCloud, Kopano & Let’s Encrypt

Have you ever thought?: “It’s enough! I finally want to set up my own robust, powerful server at home to put an end to the permanent threat that someone might hack my precious data.”

I did! And today, I’d like to share with you here all the necessary steps that are required for this. In addition to UCS, my home server scenario also includes a software bundle made up of groupware, mail, and file exchange software, i.e. ownCloud and the Kopano apps. This bundle make proprietary mail and groupware solutions redundant if you like. In addition, I also show you how to install Let’s Encrypt so that the connections to your UCS server will be well protected, too.

Univention Domain Join Assistant for Foolproof Integration of Ubuntu Clients into UCS Domains

Today we introduce our new Domain Join Assistant for Univention Corporate Server (UCS). With this tool, administrators can now integrate Ubuntu computers into a UCS domain without any additional manual configuration. Thanks to this, all users can log in directly to their Ubuntu desktop using their usual domain accounts. This automation eases administrators’ work to manage Ubuntu clients on the network. Thanks to Kerberos SAML integration, organizations that already use UCS version 4.3 can now offer their users single sign-on for the Ubuntu clients.

LDAP/OpenLDAP: The Two Pillars in UCS’ Identity & Access Management

LDAP

Our work environment is becoming more ‘colorful’, but also more difficult to handle and control. Employees increasingly determine for themselves which tools they use and where they work. As an admin, you easily lose track and become afraid of losing control over the security of your corporate IT.

Fortunately, UCS provides an identity and access management (IAM) that centrally manages and supervises all tools, devices, data, and accesses. By setting up a centralized IAM, you not only avoid shadow IT, but most of all, you regain control over your network and your precious data.

For those of you who have little technical knowledge in UCS, I like to explain today the terms LDAP / OpenLDAP, as they are the cornerstones of our central IAM system.

UCS at the SchwuZ in Berlin, Part 2: Synchronizing User Profiles

SchwuZ Keller

We would like to inform you about further mile stones we achieved with our IT project at the Berlin-based cultural event organizer SchwuZ and therefore complement our last blog article bitpack.io modernizes IT at the SchwuZ in Berlin with Univention Corporate Server from last year with instructions on how to setup synchronized user profiles.

Release UCS 4.3: Easy administration of portal pages, higher performance and single sign-on for apps

With UCS 4.3 we have integrated numerous security updates – most recently the Samba 4 update of March 13 – and closed hundreds of bugs. But not only, we also focused, among other things, on a significantly higher performance during data import and more convenience in the administration of portal pages or users, for example. In addition to an efficient and easy management of UCS, it was also important to us to create a positive user experience with UCS. Here, worth mentioning milestones are certainly a single sign-on during login to Windows or Linux desktops, which in parallel allows access to the Univention Management Console, Office 365, and ownCloud or Nextcloud, just to name a few of the improvements.

With UCS 4.3 we took another resolute step in the development of UCS into an open platform for IT operations and management in enterprises – whether it is a small organization with just a few users or organizations with hundreds of thousands of users.

Brief Introduction: How Can UCS Systems Be Updated Automatically?

Like any operating system manufacturer, Univention usually publishes weekly updates. As an administrator, you want to install them as soon as possible. However, in large UCS environments with many connected servers, manual updates can take a lot of time, which is not always available every week. The easiest way to reduce such a big workload is to automate the task by using policies.

In the following, I want to explain how you can set up an automated update of UCS systems by using the policy ‘maintenance settings.