Central Domain Management with Samba and Active Directory

Graphic of a company's worldwide network

The release of UCS 4.3 also provides you with the Samba version 4.7 . Compared to older versions, it clearly improves the performance in the area of LDAP queries and replications of group memberships in particular. This offers great benefits, particularly for large organizations with several thousands or even ten thousands of authentication accounts.

But what is Samba in general? How can it be compared to Microsoft‘s Active Directory? Where is it involved in UCS‘s identity management and how can you benefit from it?

In this article I want to present you two solutions for the central detection and authorization of the members of a domain. Both of them enable you to centrally administrate a domain network. They also help to achieve more data protection and significantly increase failure security for your IT systems.

Besides, I want to show you how UCS is able to bridge the gap between the Linux world and the Windows world. By this you can reap the benefits of both systems, instead of having to decide for one and thus restrict yourself.

Data Ethics & Digital Selfdefense

Using a fake identity to trick Facebook, getting paid for jogging and how to book one and the same hotel room cheaper via VPN – in their keynote speech „Data Ethics & Digital Selfdefense“ at this year‘s Univention Summit, author Pernille Tranberg and journalist Steffan Heuer showed how big our digital footprint actually is and what information we (un-)consciously publish about ourselves on the internet.

Release UCS 4.3: Easy administration of portal pages, higher performance and single sign-on for apps

With UCS 4.3 we have integrated numerous security updates – most recently the Samba 4 update of March 13 – and closed hundreds of bugs. But not only, we also focused, among other things, on a significantly higher performance during data import and more convenience in the administration of portal pages or users, for example. In addition to an efficient and easy management of UCS, it was also important to us to create a positive user experience with UCS. Here, worth mentioning milestones are certainly a single sign-on during login to Windows or Linux desktops, which in parallel allows access to the Univention Management Console, Office 365, and ownCloud or Nextcloud, just to name a few of the improvements.

With UCS 4.3 we took another resolute step in the development of UCS into an open platform for IT operations and management in enterprises – whether it is a small organization with just a few users or organizations with hundreds of thousands of users.

Critical Security Update for Samba Published

Logo Samba

The Samba team discovered a critical vulnerablity in the access control of Samba/AD domain controllers. Any authenticated user can change other users’ passwords over LDAP including the passwords of the administrators.

We strongly advise to install the updated Samba packages for all UCS versions currently supported (from UCS 4.1-5 and UCS 4.2-3) which we have distributed today via the usual errata update channels.

Administration of Tablets in Everyday School Life with Mobile Device Management (MDM)

With the increased interest of schools to use tablets in classrooms, the Kreismedienzentrum Wildeshausen (media center of the district Wildeshausen) experienced a significant increase in inquiries for circulating tablets in 2015. In order to guarantee a safe operation of the equipment regardless of the location, the institution was faced with the task of organizing a reliable central tablet management.

Due to lack in personnel at the KMZA it was impossible to organize a manual device management, in which the tablets are connected to a laptop via USB cable and the subsequent MDM configuration is carried out individually.

In addition to the central tablet management, they planned to lend the devices to the schools as a so-called ‘suitcase solution’ and wanted to make remote maintenance possible.

Brief Introduction: How Can UCS Systems Be Updated Automatically?

Like any operating system manufacturer, Univention usually publishes weekly updates. As an administrator, you want to install them as soon as possible. However, in large UCS environments with many connected servers, manual updates can take a lot of time, which is not always available every week. The easiest way to reduce such a big workload is to automate the task by using policies.

In the following, I want to explain how you can set up an automated update of UCS systems by using the policy ‘maintenance settings.

“Vote for Apps” End of 1. Round: Did Your Favorite Make It?

It’s been a while now we have introduced a new category to the App Catalog on our website called “Vote for Apps”. Here, we present Apps that are not yet available in the App Center but for which you can cast your vote. We thus want to find out which solutions are most useful for helping you in your daily operations. Your answers not only help us to decide which Apps we will introduce next, but your answers also serve us as a valuable basis for commmunication with the respective vendors.

Module System Diagnostic: Your Problem-Solving Assistant in UCS

Foto von Errormeldung

With the UCS module System Diagnostic you can easily analyze the system for existing or potential problems in your UCS instances. Initially, the module contained six different verification options. Today, there are already 54 available to help you ensure the smooth operation of your IT system by identifying disruptions and providing corrective solutions.

Below we give you a brief understanding of the benefits and operation of this tool. At the same time we would like to invite you to give us feedback. Our wish is to continuously optimize and extend the system diagnostic for you. So let’s get started.