Improved Network Security and Performance with a Reverse Proxy

Welt-Laptop-Sicherheit
Providing services on the Internet is part and parcel of day-to-day work in a company nowadays, but you don’t always want the server to be directly accessible from the Internet when doing so. A reverse proxy can control access in such cases using ACLs (access control lists). The reverse proxy can also reduce the number of IP addresses required, as it can provide access to multiple systems behind one IP.

How-To: Administration of Groups in UCS

Whether it’s for access to the UCS portal, printers, or files, users’ authorizations in UCS are defined by their group memberships. This process facilitates the administration of authorizations in large environments in particular as there is no need to assign individual authorizations to each user separately. The group administration reduces the administrative efforts required when mounting new services to the central IDM especially if these services can be made available to defined groups in one go.

UCS 4.3-2 Published! New: Maintenance Mode for Release Updates …

Univention Corporate Server Logo
With UCS 4.3-2, the second point release for Univention Corporate Server (UCS) 4.3 is now available, which includes a number of security updates and various new features.

New: UCS maintenance mode

UCS 4.3-2 now offers a maintenance mode for importing release updates via Univention Management Console (UMC). UMC is the web-based, graphical user interface for the administration of the entire domain. In the past, when a release update was recorded, short-term failures of the UMC could occur, for example, because the updated services were restarted.

New: UCS Dashboard Facilitates Administrator Monitoring

In the UCS Dashboard app, we now have the first (beta) version of a new dashboard based on the Open Source solutions Grafana and Prometheus. The app allows administrators to check the status of domains and individual servers on different dashboards quickly and simply. The dashboards can be accessed simply via a web browser, access a database in the background, and deliver updated reports on certain aspects of the domain or servers continually.

Install Matterbridge & Bridge Mattermost to Chat/ChatOps

graphic about Matterbridge building bridges to other chat tools
At Kopano we have been developing packages to easily install and update Mattermost for quite some time now. For those using the Univention Corporate Server (UCS) we maintain an app that sets up Mattermost and configures it for you automatically.

But what if you already have a chat platform in your company and cannot migrate all users at the same time? Or you want to provide a Mattermost chat for all your customers, but only want to buy a Mattermost subscription for your internal users? Or you have a subset of your users relying on your old chat platform and clients?

Briefly : Set Up a UCS Mail Server as a Central IT Service

Graphic about UCS and mail server
Learn in this article how to set up a fully functional mail server. As e-mails are today an essential part of business communication, we recommend to embed the mail server as a central service into the IT of your organization.

Let me show you here not only how to do this but also explain the various options for receiving and sending mails. In addition, I will describe how to configure the users.

Ready to use: Nextcloud, ownCloud, Kopano, OpenProject or Mattermost App Appliances

Appliances are available for a number of apps from the Univention App Center for fast and easy deployment to different virtualization platforms. In the appliances UCS is already pre-installed. The setup of appliances is for the systems simple and always the same: the user runs through a system setup wizard, in which the settings required for operation are made. Then then system configures itself and voilá ….

ID4me – Your Universal Digital Profile

ID4me

A universal digital profile, with full privacy control for the users

Many users are tired of remembering hundreds of usernames and passwords. So the majority is either using one password for everything or storing their login information in the browser. Security managers are frequently shocked by the password management of users. But security and IT experts are now able to relax as a group of Internet experts has created a global open standard: ID4me.

Only a short percentage of users is changing their passwords on a regular basis. And when choosing a password, „easy to remember“ usually beats „secure, unique and complex“. Of course, you want to make sure your users choose a username and password combination that is secure. Forcing users to do so often results in storing the login credentials in the browser. Some systems force their users to change the password on a regular base, resulting in frustrated users or employees.

Chrome Warns Users against HTTP – Configure with Let’s Encrypt free SSL Certificates for UCS

With the announcement of July 23, 2018 at the beginning of February this year, Google created a new milestone on the path to a fully encrypted web. On this day the new version 68 of the Chrome browser will appear, which will, for the first time, mark all websites accessed via HTTP as unsafe. Instead of the well known green lock, which stands for secure HTTPS connections, there will then be shown a grey lettering indicating the uncertainty of the connection.