Active Directory Alternative Linux

- 21.30

Why it's Finally Time to Replace Active Directory® - JumpCloud
photo src: jumpcloud.com

Univention Corporate Server (UCS) is a server operating system derived from Debian GNU/Linux with an integrated management system for the central and cross-platform administration of servers, services, clients, desktops and users as well as virtualized computers operated in UCS. In addition to the operation of local, virtual instances, UCS can also be operated in OpenStack-based, Microsoft Azure-based and Amazon EC2-based cloud environments. Via the integration of the open source software Samba 4, Univention also supports the functions provided in many companies by Microsoft Active Directory for the administration of computers operated with Microsoft Windows. UCS-based components and UCS-certified, established third party products can be installed and integrated via the Univention App Center. UCS provides all App Center applications with a runtime environment and services for the operation including a central, consistent management of the apps. Docker containers can also be run on UCS systems and several of the apps available in the App Center are Docker-based.

Univention is a member of the Open Source Business Alliance and supports the creation of the Open Source Business Alliance open source software stacks.


Eliminating Microsoft, Part 4: Windows Server - JumpCloud
photo src: jumpcloud.com


Maps, Directions, and Place Reviews



History

The impulse for the development of UCS, which began in 2002, was the lack of a standardised Linux server operating system offering companies and organisations an alternative to Microsoft's domain concept with the proprietary directory service Active Directory. Comparable Linux solutions (e.g., from SUSE and Red Hat) did not offer an integrated, cross-system user and computer management system, with the result that corresponding solutions had to be configured and maintained individually.

Important early driving forces for the development of UCS were initially the Oldenburgische Landesbank and the department of the Bremen Senator for Education and Science, until the product was ready for market launch at the end of 2004. Since then, in addition to new versions, a number of software solutions based on the main product UCS have also been launched.

UCS is predominantly employed in the German-speaking world by companies and public organisations from a wide range of sectors and fields, among others by the regional government authority of the federal state Brandenburg. In 2005, Univention began to market UCS also in other German-speaking countries. Today, UCS is used in many European countries and also outside of Europe, for example, in Australia, Nigeria and the USA where Univention established a subsidiary in 2013.


Why it's Finally Time to Replace Active Directory® - JumpCloud
photo src: jumpcloud.com


Licenses and Editions

UCS is open-source software; the proprietary developments of Univention GmbH included in UCS were published under the GNU GPL until Version 2.3. With the launch of Version 2.4, the company switched to GNU AGPL. There are also a range of software appliances based on UCS (e.g., in the groupware, desktop and IT service management fields).

Since April 21, 2015 UCS is freely available to companies in form of the UCS Core Edition, which replaced the previous ,,free for personal use" license. This Core Edition is a fully featured version and differs from the fee-based edition only in terms of product liability and support.


Samba 4.0 Enhances Open Source Active Directory Integration ...
photo src: www.channelfutures.com


Structure and components

Univention Corporate Server is based on the Linux distribution Debian GNU/Linux. There are numerous open source applications integrated in UCS, for example Samba, the authentication service Kerberos, the virtualization software KVM, Nagios for the monitoring of servers and services and the backup solution Bacula. The core and important unique selling point of UCS is the central administration tool "Univention Management Console", which allows the cross-system and cross-location management of IT infrastructures. UCS uses the directory service OpenLDAP to save data for identity and system management.

The administration tools are operated via the web-based applications and command-line interfaces. Thanks to the integrated administration service UCS Virtual Machine Manager (UVMM), the administration tools also allow the central administration of virtualized servers and clients, hard drives, CDROM and DVD images as well as the physical systems on which they are operated.

The manufacturer goes to great lengths to guarantee possibilities for the integration of UCS in existing IT environments via the use of open standards and supplied connectors. In this way, the integrated tool Active Directory Connection allows the bidirectional synchronisation of the Microsoft directory service Active Directory and the directory service used in UCS, OpenLDAP. In addition, UCS offers various interfaces for manufacturers of application software enabling them to integrate their applications in the UCS management system.

Since UCS 3.1, UCS provides with "Univention App Center" an own graphic management component for the installation and deinstallation of UCS components and UCS-certified third-party appliances. The Univention App Center includes, beside Univention solutions, for example, the Open Source groupware solutions Kopano, Kolab and Open-Xchange, the backup solution SEP sesam, the document management system agorum®core, the customer management solution SugarCRM and the dropbox alternative ownCloud. Since its initial release, the Univention App Center is permanently expanding with UCS-certified products.


Using LDAP and Active Directory with C# 101
photo src: auth0.com


Application areas of the products in the Univention App Center

The products and UCS-components which are available in the Univention App Center serve a variety of application areas. For the following application fields, among others, are solutions available:

Access management and Authentication

The UCS RADIUS app secures access to the network via the RADIUS protocol. The UCS-integrated SAML app provides a Single_sign-on identity provider for UCS based on the Security Assertion Markup Language (SAML) protocol and the SimpleSAMLphp software framework. With help of the identity provider, a single sign-on functionality for third party web services and applications (e.g., Google Apps, Salesforce.com etc.) can be realized while the authentication is done at the identity provider itself. The user management is done via UCS where users are individually activated for particular web services. In addition, the authentication process can be extended by a second factor (2-factor authentication) via privacyIDEA from the App Center.

Active Directory-compatible services

With the component Active Directory-compatible Domain Controller based on Samba 4, UCS can be used as an Active Directory domain controller for Windows systems including file, printer and network services.

If Microsoft Windows and Linux environments are to be operated in parallel, the component UCS Active Directory Connection brings together the domain managed by Univention Corporate Server and an existing Active Directory. Thus, UCS can become a member of the domain and operate as a platform. Alternatively, UCS runs in parallel to an AD, for example to establish a migration path. In both cases it creates an automatic synchronisation between Microsoft Active Directory and Univention Corporate Server including passwords, group definitions and other directory service objects. Active Directory Connection avoids double, demanding, complex and error-prone administration.

If the aim is to replace Microsoft domain controllers completely by UCS which also includes the parallel switching-off of all Active Directory domain controllers, the UCS-component Active Directory Takeover allows the migration of objects from a native Active Directory domain controller to a UCS Samba/AD domain controller.

Client management

With Univention Corporate Client (UCC), the App Center offers an efficiently manageable operating system for PCs, notebooks and thin clients in companies and institutions. The software's desktop environment contains an Ubuntu-based desktop environment optimized for business use. It provides integrated management procedures for users, clients, desktops and permissions, thus avoiding the deployment of different, non-compatible management tools. UCC serves as a platform for the access to remote desktop solutions and virtualised desktops as well as to browser- or terminal server-based applications.

Data backup

With SEP Sesam and Bareos, the App Center offers two well-known solutions for backup, archiving and recovery of all established operating systems, virtualization solutions, applications, databases and files.

Integration of Microsoft Office 365 and Google Apps for Work

The user management for the cloud services Office 365 and Google Apps can be integrated into UCS via the tools Microsoft Office 365 and Google Apps for Work. Users can thus be managed locally instead of in the cloud. And with the single sign-on system integrated in UCS, users don't need another password to access these two cloud services.

Mail and groupware

UCS mailservices assumes the role of a complete mail server. It is based on Postfix for sending mails via SMTP and on Cyrus for the provision of mail boxes via IMAP and POP3. Virus checks via the scanner ClamAV and spam detection via SpamAssassin are integrated. Shared IMAP folders and mailing lists can be configured in the Univention Management Console.

In addition, the Univention App Center offers an integration of the established groupware solutions Open-Xchange, Kopano, Kolab and Tine 2.0.

For mailserver protection and antivirus demands, the Univention App Center also offers the Kaspersky Security app for Linux Mail Server by Kaspersky Lab with an integration to the UCS administration interface.

Monitoring

With Icinga and Nagios, the App Center offers two well-known solutions for system and network monitoring. In addition to the default Nagios plugins, UCS provides specific Nagios plugins, e.g., for the monitoring of domain replication.

Network and intranet management

The DHCP server in the App Center is a service for the dynamic IP management for IPv4 networks. It is flexibly configurable and administrates even large networks reliably. During the configuration, you have the possibility to decide whether the IP addresses should be assigned dynamically or fixed. By specifying the MAC address, systems can be assigned a fixed IP address and this allows you to rule out third-party systems.

The proxy server Squid receives inquiries about internet contents and verifies whether these contents are already available in a local cache. Answering times for the users and the transfer volume via the internet access can be reduced. In addition, it also allows the control and administration of the access to Internet contents. For example, it can be specified which users or user groups can access which websites and which they can't.

Printer management

UCS offers a print server on the basis of the software CUPS (Common UNIX Printing System) with which complex printer environments can be established. PPD drivers for most printer models are supplied.

Virtualization

With UCS Virtual Machine Manager (UVMM), the App Center offers a standard component in the UCS administration system managing virtualized IT infrastructures for different virtualization technologies like KVM. Since UCS 4.0, UVMM can also manage virtual machines on cloud platforms, which are based on OpenStack and Amazon EC2.

With the app KVM virtualization server, the App Center provides a hypervisor for the virtualization of systems using KVM. Multiple KVM nodes in the environment can be managed with UCS Virtual Machine Manager.

Source of the article : Wikipedia



EmoticonEmoticon

 

Start typing and press Enter to search