UCS Identity Management Manages Mail Platform With Over 30 Million Users

US Mailboxes

More than two years after the start of one of the largest projects in which Univention has been involved to date, a new mail platform with over 30 million managed end users finally went online in late 2016. UCS takes care of the identity management duties for all the user accounts.

I first reported on the challenges of the project almost a year ago in the article How can OpenLDAP with UCS be scaled to over 30 million objects?. However, it is now no longer a “gray theory” – the project has now gone live and the LDAP has had to cope with the strain of thousands of accesses every second in real time ever since.

Today, I would like to provide you with an update and share with you some of our most important findings from the going live process.

WordPress for UCS 4.1 and 4.2 now in the App Center

Screenshot von WordPress

You can now build beautiful websites and blogs with our new, free to use WordPress application for Univention Corporate Server, which is available to you in the App Center, and benefit from the integration into UCS’ identity management.

This app is provided as a Docker-based app. WordPress will update itself in the container independently, so WordPress should always stay up-to-date. The future updates for WordPress released by the App Center will then mainly update the software, which is located around WordPress in the container.

Monitoring with NOCTUA® Athene for UCS 4.2 now in the Univention App Center

We are pleased to present the monitoring solution NOCTUA® Athene as a Docker-based app in the Univention App Center for UCS 4.2.

NOCTUA® Athene is a flexibly configurable solution for the detection of failures on any number of systems, hardware and software. By using predefined protocols (e.g. SNMP, WMI, SSH, Ping, or SQL) as well as host and service templates, the software facilitates the work of IT administrators.

First point release of UCS 4.2 published

With UCS 4.2-1 the first point release for Univention Corporate Server 4.2 is now available.

It includes various detail improvements and error corrections. Some of the most important changes are:

  • The forwarding of e-mails per each mail user can now be saved in the UCS management system.
  • Improvements in changing the password in the Univention Management Console: From now on, also users from a Microsoft Active Directory domain can change their expired passwords. In addition, more hints are now displayed if the password change should fail.
  • The possibilities for IPv6 (Internet Protocol Version 6) configuration have been improved in various services, for example in the Nagios or proxy server configuration and in the UCS management system.

Data Privacy-Compliant Integration of Office 365 in Fulda schools

Foto vom Rathaus in Fulda

The municipal authorities of the German city of Fulda in the state of Hesse are responsible for the administration and operation of the IT in 23 schools in Fulda – including 2 vocational schools and 2 grammar schools – for a total of 13,000 pupils and 1,000 members of teaching staff.

Unlike in the rest of Hesse, as an education authority for a small city, we have the city’s own well-developed fiber-optic network at our disposal. The majority of the schools are already connected to the fiber-optic network covering the whole city, which allowed us to do away with local servers in the schools at an early stage and focus on a centralized IT concept instead. As a result, all the school IT in Fulda now runs over centralized servers in our administration center. We operate an Active Directory domain of our own design on these servers with centralized domain controllers, to which a terminal server farm comprising both Windows and Citrix servers as well as the central file servers are connected.

Facilitate Your Work by Integrating Listener Modules in UCS

Graphic Listen to me!

Listener modules support you in your administrative work by synchronizing and controlling all changes in the UCS’ OpenLDAP Einacross all connected services – Learn how to build and use them!

You are surely using a variety of (cloud) services in your organization and, if required, these services will make changes to your directory service, either Active Directory or OpenLDAP. In heterogeneous environments, where UCS is typically used, the question is, how can service A notice the changes that service B has made to certain objects in the directory, and that are relevant to both services? For example, when a new printer has been added to the network, and has joined the UCS domain, the list of printers is updated in the configuration file of the printer service (CUPS) and the service reloaded.

OX App Suite – the whole office online

Screenshot OX App Suite

The groupware solution OX App Suite, available in the Univention App Center, is aimed at companies, educational institutions and public administrations looking for a modern and future-proof communication solution.

OX App Suite is a modular communication and collaboration platform. It is based on open standards and can be used in combination with Univention Corporate Server (UCS) for the integration into existing IT infrastructures.

Brief Introduction: Two-Factor Authentication

Fingerprint authentication
As part of our “Brief introduction” series, you will learn today what is meant by two-factor authentication.

If you are planning to use security software, you will surely stumble upon this term, as this method provides additional protection for your business when it comes to login processes, especially for data-sensitive areas. Often enough, it has happened in the past that the identities and associated passwords of users from, for example, large mail providers like Yahoo were stolen. As users often use the same password for different services, there is a risk that the criminals use the stolen data to gain access to other services, thus causing great damage. Securing user authentication against sensitive areas or business-used services not only by requesting a password but also through a second authentication, data breaches become much more difficult for attackers.