UCS version 5.2 has been available as an alpha release since December - but this is not the only exciting development surrounding UCS. The presentation by Univention Product Manager Ingo Steuwer in the Technology Track of the Univention Summit 2024 provides an outlook on the release of UCS 5.2 planned for 2024, its new features, the updated technical basis and the new strategy for the interaction between UCS and the Univention App Center.
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Outlook on UCS 5.2 - Ingo Steuwer - Univention Summit 2024
1. Outlook on UCS 5.2
Ingo Steuwer / Dirk Wiesenthal, Univention GmbH
2. Univention Corporate Server – version overview
UCS 4.4
UCS 5.0
UCS 5.2
Release
UCS 5.0
May 2021
EOL UCS 4.4
Enterprise:
2024/01/31
(LTE available)
EOL UCS 5.0
Enterprise: at
leat one year
after UCS 5.2
Release
UCS 5.2
2024
Univention
Summit 2024
3. There is no UCS 5.1?
Not officially: „UCS 5.1“ is an internal technical release to „skip“ one debian release
More in the announcement: https://www.univention.com/blog-en/2023/06/announcement-ucs-release-5-2/
Debian 10 Debian 11 Debian 12
4. Focus of UCS 5.2
» Maintenance & updated software version
» Debian and other upstream updates:
Kernel, Samba, OpenLDAP 2.5, Python 3.9, Docker 20.10, PostgreSQL 15, ...
» Move to Keycloak instead of SimpleSAMLphp/Kopano Connect
» No more Python 2 support
» Features are build in Apps, and will be available also for UCS 5.0
» Strategy: Move features into Apps allows other release variants like for Kubernetes – more later
today
5. New features in Apps, not UCS releases – what does that mean?
» Let me show you some examples….
6. What has happened in 2023 – Release policy
» Quarterly patch level releases
» Released: 5.0-1 to current 5.0-6
» 5.0-7 to be expected in March 2024
» Longer maintenance periods for patch level releases
» At least 12 weeks after the next release
» Example: 5.0-6 will be maintained 12 weeks after the release of 5.0-7
more details: https://www.univention.com/blog-en/2023/07/ucs-patchlevel-releases-adjustments/
7. What has happened in 2023 - Documentation
» Reworked entry and documentation navigation
» Integrated extensive search across all documents
» New content:
» UCS architecture manual
» App specific manuals: Keycloak,
OX Connector, Guardian, Intercom Service
» Manual to onboard Debian an Ubuntu
administrators
» Maintenance life cycles of Univention products
8. What has happened in 2023 - Keycloak
Image source: https://www.keycloak.org/
9. What has happened in 2023 – Active Directory Connector
» Active Directory Connector synchronizes
directory structures, users and groups between
UCS and Microsoft Active Directory
» Including password hashes
» New in 2023 „AD Forest“ support
» Active Directory Connector synchronizes one
AD Domain of a Forest structure
» References to objects in other Domains of
the Forest are handeled correctly
10. What has happened in 2023 – OX Connector
» OX Connector was introduced in 2022 to connect Open-
Xchange installations
» Univention App „OX App Suite“ had different
integrations with different features
» Since May 2023, both are based on the OX Connector
» Customers can choose: Deploy OX App Suite on their own or
use the Univention App
» New „reference“ for integrations:
» Integration („Connector“) and Service in two installation
packages („Apps“)
More in
https://www.univention.com/blog-en/2023/05/unification-administration-provisioning-ox/
11. What has happened in 2023 – Roles & Rights
» Roles & Rights:
» Project to allow easy definition
of rights in the Univention Tools
» Open Authorization Framework which
can be used in other Services
» Announced Summit 2023
» In 2023:
» First implementations in a customer project done
» Released „Guardian“, the new authorization API, to UCS
» Work is ongoing to release a generic user management UI for UCS@school
» More in https://www.univention.com/blog-en/2023/08/role-design-ucs-ucsschool/
12. Ongoing implementations – block previously used values
» Objective:
» „block“ re-usage of former used usernames or mail addresses
» to avoid account takeover („impersonation“)
» Will introduce a configurable „blocklist“
» stores values once a user (or other objects) are deleted
» will be checked by UDM for conflicts
» attributes and durations will be configurable
» Planned for Q1/24
13. Back to UCS 5.2 – where are we?
» First Alpha release in 12/2023
» https://www.univention.com/blog-en/2023/11/ucs-alpha-5-2/
» Status:
» All Debian packages imported, all Univention packages build
» Package upgrade UCS 5.0 UCS 5.1 UCS 5.2 in one migration window
→ →
» Basic functionality of UDM, UMC, Portal
» Objective of the Alpha release:
» development environment for Univention & App providers
14. Back to UCS 5.2 – what happens next?
» Pending tasks:
» Finalize installation procedure with Keycloak as default
» Improve look & feel of the UIs
» Provide further Univention Apps
» Testing, testing, testing, ...
» Beta release(s) to be expected in Q1/Q2 2024
» Stable release in 2024
» No commited date yet – we allow to give features / customer needs priority
» UCS@school for UCS 5.2 will be released immediately or short after
15. Be prepared for UCS 5.2
» Migration to Keycloak is a prerequisite
» UCS 5.2 has no other IDP, a migration in UCS 5.0 is needed beforehand
» Migration guide is available: https://docs.software-univention.de/keycloak-migration/index.html
» For „old“ UCS installations: migrate OpenLDAP backend from BDB to MDB
» https://help.univention.com/t/migration-of-openldap-database-backend-from-bdb-to-mdb/22322
» Ensure no customization uses Python 2 anymore!
» Univention Apps & Integrations are or will be migrated
» Keep UCS 5.0 up to date
» All instances in a domain need to run on a maintained 5.0-x release before upgrading the UCS Primary
Node to UCS 5.2
» Enjoy the features coming to UCS 5.0