LDAP/OpenLDAP: The Two Pillars in UCS’ Identity & Access Management

LDAP

Our work environment is becoming more ‘colorful’, but also more difficult to handle and control. Employees increasingly determine for themselves which tools they use and where they work. As an admin, you easily lose track and become afraid of losing control over the security of your corporate IT.

Fortunately, UCS provides an identity and access management (IAM) that centrally manages and supervises all tools, devices, data, and accesses. By setting up a centralized IAM, you not only avoid shadow IT, but most of all, you regain control over your network and your precious data.

For those of you who have little technical knowledge in UCS, I like to explain today the terms LDAP / OpenLDAP, as they are the cornerstones of our central IAM system.

Advantages of Roaming Profiles and Folder Redirection to Boost Network Performance + Data Availability

Männerkopf mit Binärcode

Would you like some valuable tips on how to increase network performance and user data availability when using Windows clients together with UCS?

Thinking about user data, many of us admins immediately understand that questions about the issues of backups, privacy, and availability, no matter whether across different machines or outside the office, can create us a considerable headache. But fortunately there are solutions in place and in this article I want to cover two of them.

UCS at the SchwuZ in Berlin, Part 2: Synchronizing User Profiles

SchwuZ Keller

We would like to inform you about further mile stones we achieved with our IT project at the Berlin-based cultural event organizer SchwuZ and therefore complement our last blog article bitpack.io modernizes IT at the SchwuZ in Berlin with Univention Corporate Server from last year with instructions on how to setup synchronized user profiles.

Short Introduction: How to Upgrade Your E-mail Server to a Bullet-Proof Fortress

E-mails have become an integral part in our everyday lives. In business anyway, but they have also found their way into our schools. However, schools face the same problems that have long been known by organizations: School authorities with thousands of students, hundreds of teachers and many administrative employees offer hackers a target at least as worthwhile as other large enterprises.

In this article, I’ll show you some simple yet highly effective measures that you as the administrator of a corporate IT or school IT can take to effectively protect your users and mail servers from hacker attacks. As massive spams are not only annoying or even dangerous to us all, they can also cause other mail servers to mistrust your email servers so that your users will no longer be able to send regular mails.

‘Vote for Apps’ End of 2. Round: Did Your Favorite Make It?

We’ve now finished the second round of the voting series ‘Vote for Apps’ in the Univention App Catalog which took place from February 9 to March 9. I thank all participants for their engagement and like to present the result today.

This time, you were able to vote for the Apps Cozy Cloud, a service to access personal data in the cloud, furthermore a connector to Dropbox Business as well as SOGo, an open source groupware server.

Central Domain Management with Samba and Active Directory

Graphic of a company's worldwide network

The release of UCS 4.3 also provides you with the Samba version 4.7 . Compared to older versions, it clearly improves the performance in the area of LDAP queries and replications of group memberships in particular. This offers great benefits, particularly for large organizations with several thousands or even ten thousands of authentication accounts.

But what is Samba in general? How can it be compared to Microsoft‘s Active Directory? Where is it involved in UCS‘s identity management and how can you benefit from it?

In this article I want to present you two solutions for the central detection and authorization of the members of a domain. Both of them enable you to centrally administrate a domain network. They also help to achieve more data protection and significantly increase failure security for your IT systems.

Besides, I want to show you how UCS is able to bridge the gap between the Linux world and the Windows world. By this you can reap the benefits of both systems, instead of having to decide for one and thus restrict yourself.

Data Ethics & Digital Selfdefense

Using a fake identity to trick Facebook, getting paid for jogging and how to book one and the same hotel room cheaper via VPN – in their keynote speech „Data Ethics & Digital Selfdefense“ at this year‘s Univention Summit, author Pernille Tranberg and journalist Steffan Heuer showed how big our digital footprint actually is and what information we (un-)consciously publish about ourselves on the internet.

Release UCS 4.3: Easy administration of portal pages, higher performance and single sign-on for apps

With UCS 4.3 we have integrated numerous security updates – most recently the Samba 4 update of March 13 – and closed hundreds of bugs. But not only, we also focused, among other things, on a significantly higher performance during data import and more convenience in the administration of portal pages or users, for example. In addition to an efficient and easy management of UCS, it was also important to us to create a positive user experience with UCS. Here, worth mentioning milestones are certainly a single sign-on during login to Windows or Linux desktops, which in parallel allows access to the Univention Management Console, Office 365, and ownCloud or Nextcloud, just to name a few of the improvements.

With UCS 4.3 we took another resolute step in the development of UCS into an open platform for IT operations and management in enterprises – whether it is a small organization with just a few users or organizations with hundreds of thousands of users.