Module System Diagnostic: Your Problem-Solving Assistant in UCS

Foto von Errormeldung

With the UCS module System Diagnostic you can easily analyze the system for existing or potential problems in your UCS instances. Initially, the module contained six different verification options. Today, there are already 54 available to help you ensure the smooth operation of your IT system by identifying disruptions and providing corrective solutions.

Below we give you a brief understanding of the benefits and operation of this tool. At the same time we would like to invite you to give us feedback. Our wish is to continuously optimize and extend the system diagnostic for you. So let’s get started.

Best use of LDAP in UCS: Schema Extensions for Adding Attributes & New Object Types

The LDAP server in UCS, like the Active Directory on a Windows server, stores all the information on your domain about all your resources from hardware to employee as objects, namely in a structured and well-defined manner. Every object has some defined attributes of a particular type. Common attributes of a user object are, for example, the user’s surname, password and further valuable information on him. Part of the LDAP is the LDAP schema, which provides the administrator with a clear overview on all objects by describing which types of attributes exist within the LDAP and what attributes they have.

So, if you want to include additional attributes or create entirely new object types, extending the schema might be the way to go.

New: UCS 4.2 App Appliances in Own Corporate Branding

Our App Center team has been busy as usual, releasing four Apps from the Univention App Center as App Appliances. An App Appliance bundles UCS and an App in a virtual machine. The Appliances are available for the virtualization and cloud formats KVM, VMware, and VirtualBox. In addition to the pre-configured App, they also contain a pre-configured UCS system and a management system for administrating the App itself and its users. App Appliances are thus a particularly easy way to start an App without having to install it via the in UCS integrated Univention App Center.

Asterisk Universal Communication Solution for UCS – The Cost-Effective and Flexible Alternative to VoIP

Logo asterisk4ucs

Asterisk is a leading, freely available voice over IP (VoIP) solution that companies can employ as an Open Source software without license fees. Originally designed by Mark Spencer at the U.S. company Digium in 1999, the solution is now being continually further developed by a growing development community around the world. In addition, it offers high functionality and boasts an extensive basis for telephony, unified messaging, and third-party systems.

UCS Identity Management Manages Mail Platform With Over 30 Million Users

US Mailboxes

More than two years after the start of one of the largest projects in which Univention has been involved to date, a new mail platform with over 30 million managed end users finally went online in late 2016. UCS takes care of the identity management duties for all the user accounts.

I first reported on the challenges of the project almost a year ago in the article How can OpenLDAP with UCS be scaled to over 30 million objects?. However, it is now no longer a “gray theory” – the project has now gone live and the LDAP has had to cope with the strain of thousands of accesses every second in real time ever since.

Today, I would like to provide you with an update and share with you some of our most important findings from the going live process.

First point release of UCS 4.2 published

With UCS 4.2-1 the first point release for Univention Corporate Server 4.2 is now available.

It includes various detail improvements and error corrections. Some of the most important changes are:

  • The forwarding of e-mails per each mail user can now be saved in the UCS management system.
  • Improvements in changing the password in the Univention Management Console: From now on, also users from a Microsoft Active Directory domain can change their expired passwords. In addition, more hints are now displayed if the password change should fail.
  • The possibilities for IPv6 (Internet Protocol Version 6) configuration have been improved in various services, for example in the Nagios or proxy server configuration and in the UCS management system.

Data Privacy-Compliant Integration of Office 365 in Fulda schools

Foto vom Rathaus in Fulda

The municipal authorities of the German city of Fulda in the state of Hesse are responsible for the administration and operation of the IT in 23 schools in Fulda – including 2 vocational schools and 2 grammar schools – for a total of 13,000 pupils and 1,000 members of teaching staff.

Unlike in the rest of Hesse, as an education authority for a small city, we have the city’s own well-developed fiber-optic network at our disposal. The majority of the schools are already connected to the fiber-optic network covering the whole city, which allowed us to do away with local servers in the schools at an early stage and focus on a centralized IT concept instead. As a result, all the school IT in Fulda now runs over centralized servers in our administration center. We operate an Active Directory domain of our own design on these servers with centralized domain controllers, to which a terminal server farm comprising both Windows and Citrix servers as well as the central file servers are connected.

Facilitate Your Work by Integrating Listener Modules in UCS

Graphic Listen to me!

Listener modules support you in your administrative work by synchronizing and controlling all changes in the UCS’ OpenLDAP Einacross all connected services – Learn how to build and use them!

You are surely using a variety of (cloud) services in your organization and, if required, these services will make changes to your directory service, either Active Directory or OpenLDAP. In heterogeneous environments, where UCS is typically used, the question is, how can service A notice the changes that service B has made to certain objects in the directory, and that are relevant to both services? For example, when a new printer has been added to the network, and has joined the UCS domain, the list of printers is updated in the configuration file of the printer service (CUPS) and the service reloaded.

Release Candidate of UCS 4.2 Now Available

Mockup Portal UCS 4.2

Today, we have published the Release Candidate UCS 4.2. Highlight of the release is the new, freely configurable online portal, which you can flexibly adapt to your needs and the one of your organization. Further, a lot less obvious changes we have made are: We have updated the distribution base of UCS to Debian 8 (Jessie) and we have now made natively available a large part of the Debian packages. Hence, we can provide important security and product updates much faster than ever before.

We will release UCS 4.2 beginning of April 2017. Everyone who is curious to know more about UCS 4.2 can see a live demonstration of the Release Candidate at the CeBIT in hall 3 / booth D36-620 till Friday this week.

Creating Trusts between UCS Samba/AD and Native Microsoft Active Directory Domains

Logo Samba, Sprechblase "what do you think"
In this article we would like to inform all IT administrators and IT-interested people about the possibilities of a trust between two domains (UCS Samba/AD and Microsoft AD). To set up a trust is to give users of one domain access to the resources of another. This can increase the scope for actions in some situations!

In our example, we will specifically refer to the interaction between Samba in UCS and Microsoft Windows, explaining in detail how a so-called trust relationship can be configured and informing about the current state of implementation.