UDM REST API (beta version) released: The new interface for accessing all content in the directory service

With the beta release of the REST API for the Univention Directory Manager (UDM), a preliminary version of the future standard interface for the integration of applications with the Univention directory service is available. In the following, I would like to give you a brief overview of the objectives and use cases regarding the current status of the API and encourage you to test it – we look forward to your feedback for further improvements for the final version!

What is the „UDM REST API“?

A “REST API” (also called “RESTful API”) is a web service that allows integration between applications.
The REST API of the Univention Directory Manager provides access to all contents of the Univention Corporate Server (UCS) directory service. Its functionality is therefore comparable to that of the already available and further existing scripting interfaces (e.g. the “udm” command line tool). In contrast to these, however, the API is accessible via the web through HTTPS and can be more easily integrated into existing applications using standardized data formats (JSON).

Schools in the District of Kassel: Managing iPads Centrally With UCS@school

In the district of Kassel, our team of 12 is responsible for the IT support of a total of 72 schools (49 elementary schools, 14 high schools, 3 grammar schools, 2 vocational schools, and 4 special needs schools) and around 27,000 user accounts (approx. 25,000 pupils and 2,000 faculty members). We take care not only of the hardware (server, PCs, iOS devices, etc.), the network, and the telephone systems, but also of the operating systems, software, and mobile device administration.
In this blog article, I would like to describe the challenges we encountered as a district with a large surface area and a multitude of small, spread-out boroughs when it came to allowing the use of mobile devices in our schools and keeping the efforts associated with the introduction and support to a minimum at the same time.

Differential backup by SEP sesam reduces backup volume and time expenditure for Kopano users

SEO Backup for Kopano and UCS
For quite some time it has been possible to make an online differential backup of Kopano. It is therefore sufficient to make a full backup at longer intervals (e.g. weekly). In between (e.g. every night) differential backups are sufficient, which occupy less space and are much faster.
Therefore we are happy that with SEP sesam we now have a backup software that supports Univention Corporate Server (UCS) and Kopano all-inclusive, including the differential backup for Kopano.

Brief Introduction: SAML- a secure, comfortable web access

SSO-SAML-UCS
SAML – meaning „Security Assertion Markup Language“ – is a standard which enables a Single Sign-On (SSO). Users only log in once and are able to use other programs and services automatically. UCS supports SSO with SAML as well. That‘s why users get not only a central identity by using SAML but also a central log-in with UCS, making web-based working more secure and comfortable.

UCS@school and Open-Xchange for Schools in Basel

For some time now, we have been looking for a consistent solution for the mail system used by our teachers and students. We need a secure environment that’s easy to manage. In a combined effort, ICT Medien and Adfinis SyGroup, a Swiss Service Provider, migrated the schools’ existing mail system with around 32,000 accounts. We connected the current identity management (UCS@school) to the e-mail and groupware solution Open-Xchange. In this article we’re going to describe the initial situation, talk about our considerations, the planning phase, and the requirements for the new mail and groupware solution. We’re also going to tell you about our system architecture and the servers involved. During the migration we encountered some problems – you’re going to read about them and about our solutions. Before we start with the more technical details, we’d like to say how happy we are with the new Open Source solution: The new mail system fulfils all requirements in terms of security, high availability, and the current data protection guidelines.

Smart Enterprise Ressource Planning: WaWision becomes Xentral

Xentral is an ERP/CRM system that can be easily installed via the UCS App Center. Until now, the software was available for download under the name “WaWision” in the Univention App Center. Xentral is a combination of a flexibly expandable basic version with its own AppStore. With Xentral, every company can individually define the scope of functions and thus configure exactly the ERP system it needs for its requirements. The free open source version already covers all important business processes such as master data management, quotation and order management, invoicing, warehouse management, shipping, time recording and much more. Xentral is extremely scalable with high performance and is used in particular by online retailers.

Rocket.Chat: Open Source, Data Privacy-Minded, and Loving It

Communication is key for every organization no matter the field or industry. If a team can’t easily and effectively share ideas and updates with each other, then they are more likely to miss deadlines and deliver a sub-par product. Broadband internet speeds have made real-time communication a reality, but it can be a challenge to sift all of the solutions on the market.

Rocket.Chat has positioned itself as a full-featured messaging platform with one big difference that separates it from the competition: it is a completely open-source product. Potential customers will appreciate that because they have the freedom to control their deployment of Rocket.Chat server and direct access to the latest source code. However, open-source projects also come with a number of other key advantages.
Rocket.Chat is doing things with security and privacy that your typical messenger either ignores or fails to implement. It’s also introducing its users to a virtuous loop, where users can become contributors in improving the system itself, which is another rare feature of a messaging app.

And Rocket.Chat is available as app in Univention App Center and already utilizes Rocket.Chat’s LDAP support to enable users within the Univention Corporate Server (UCS) identity management to login to Rocket.Chat. A pre-installed App Appliance for VMware, VirtualBox and KVM is available for download to get prospects up and running quickly and easily.

In this article, we’ll explore the history of how Rocket.Chat came to be and what lies ahead for its open-source community of developers and users.

Journaling for Sysadmins: Admin Diary

“When did I install or remove which app, and when was the last time the password for the UCS server was changed?” Answers to these and many other questions can be found in the Admin Diary, which we introduced with UCS 4.4. It provides a quick overview of all administrative events in a UCS domain, such as software and app installations and updates, creation, modification and deletion of users and other directory service objects, password changes, etc.

Strictly speaking, the new diary consists of two apps that you can easily install in your UCS environment through the Univention App Center: the Admin Diary Backend and the Admin Diary Frontend. The backend collects data from all UCS instances in the domain and stores it in a database. The frontend provides access to this log via a module of the Univention Management Console (UMC) and displays the events.

In this blog article, I will introduce you to both apps and also explain how to run backend and frontend on two different computers. This may be useful, for example, if there already is a dedicated database server in your environment: Then you install the backend there. The frontend will be installed on that system, on which you normally use the UMC (e.g. the Master). Let’s start with the standard option: both on one system.

Simplifying Administration with User Templates – How To

UCS has always focused on centralizing and simplifying the administrative tasks related to the individual components of IT infrastructure. One of the many small tools that can simplify the life of administrators are the so-called user templates. In the following, I will describe how to create the necessary attributes to specify user templates, which for example will automatically create e-mail addresses for the users with their first name and last name in this always constant pattern. I will also show you which settings you need to make in order to apply these templates to different users in your UCS domain.