Film Tutorial: How do you provide Self Services in UCS and how do you use them?
Reporting for professionals: Log activities in the UCS LDAP directory service
Many services and processes running in a domain document their activities fully automatically in the background. The log files contain information about users’ logins to the system, installation and uninstallation of software, access to web pages, error messages and other information. Univention Corporate Server (UCS) also creates such reports – either behind the scenes in the form of log files or by using the UCS Admin Diary. You can also obtain ready-made reports as CSV or PDF files via the Univention Management Console or Shell.
In this article, I would like to show you how to create audit-proof log files of the LDAP directory service with Univention Directory Logger. I’d also like to tell you how to obtain a complete overview of the operations in a UCS domain with Admin Diary and how you can evaluate data from the directory service with Univention Directory Reports.
Connecting Ubuntu and Linux Mint Clients to UCS Domains: New Version of the Univention Domain Join Assistant
The tool offers a graphical user interface and a command line tool for admins who prefer to work on the shell. We have just released a new version of the Domain Join Assistant that comes with various improvements and supports the latest Ubuntu and Linux Mint versions. In this article I’m going to show you how the tool works and I’m going to introduce the new features.
How To configure the BigBlueButton video conferencing solution for UCS and use it easily
Samba 4 and OpenLDAP: SURF relies on UCS
SURF is the cooperative association of Dutch educational and research institutions. One of the goals of our organization is to facilitate research with HPC (High Performance Computing). We run national super computer clusters and provide computing power, data transport, data management and analysis for the Dutch academic community, i.e. to universities, universities of applied science, senior secondary vocational institutions (MBO), UMCs and research institutions.
Secure Communication Processes in UCS with (Self-generated and Signed) Certificates
Certificates – Why and What for
In this article I would like to give you an insight into the topic “Securing the Internet-based exchange of information through certificates”. I’ll take a quick look back at the beginnings of the Internet and the use of protocols such as HTTP, SMTP, POP … and their encrypted transport via SSL or TLS. Above all, however, I would like to explain to you how you can use public certificates with Univention Corporate Server to secure your data transfer or also how you can create trustworthy certificates by yourself with Let’s Encrypt. Completely secure and free of charge on top.
Synchronize Password Hashes between MS Active Directory and UCS
Version 4.4-4 of Univention Corporate Server (UCS) comes with some cool new features, one of them being the new AD Connector app. It makes the synchronization of password hashes between a Microsoft Active Directory domain and a UCS domain significantly more secure and less error-prone. While previous versions could only synchronize NTLM hashes, the AD Connector of UCS 4.4-4 also reads newer hashes, the so-called Kerberos keys which allow single sign-on (SSO) to different applications.
I am a second-year trainee at Univention (job description: IT specialist for application development). I was involved in the development of the new feature and mainly had to deal with three tasks: the AD Connector itself, the OpenLDAP overlay module, and the S4 Connector (Samba). In this blog post I’m going to explain what Kerberos hashes are and how I implemented the new feature.
Film Tutorial: How to Add a Windows 10 Computer to a UCS Domain
Jitsi Meet and the UCS Identity Management
In recent weeks, the increased demand for video conferencing solutions has kept us in the App Center team busy with the question of how Univention can help companies, organizations and school authorities to communicate effectively in digital form without leaving out aspects of data protection. For this reason, we have intensively studied various open source solutions for video conferencing and published quickly Jitsi Meet as an app in the App Center. It is now available to UCS users for easy installation.
Jitsi is a fully encrypted and 100% open source video conferencing solution. The connection to the UCS directory service via LDAP is already configured. Therefore, administrators of a UCS environment can give users access to Jitsi with their regular username and password using the Univention Management Console (UMC). Then Jitsi can be easily accessed from the UCS portal. In this blog post, I would like to show you the most important installation steps and then focus on the different use cases regarding user authentication. Organizations can use Jitsi Meet on Univention Corporate Server (UCS) to specifically control how open they make the access to the app and which users can conduct video conferences.