Univention Corporate Server - An open source identity management system

  •        0

We aggregate and tag open source projects. We have collections of more than one million projects. Check out the projects section.

Univention Corporate Server is an open source identity management system, an IT infrastructure and device management solution and an extensible platform with a store-like App Center that includes tested third party applications and further UCS components: This is what Univention combines in their main product Univention Corporate Server, a Debian GNU/Linux based enterprise distribution. This article provides you the overview of Univention Corporate Server, its feature and installation.

Things to know about UCS

From all the features that distinguishes UCS, four are particularly significant:

Univention Configuration Registry

Underneath the hood you find the Univention Configuration Registry, a key value based object storage and configuration templates to control the settings of every server. Consequently, changes to a server become a matter of changing a single variable. For example, you want to tell your mail server to use a proxy server? Changing the proxy/http variable will take care of setting the correct value for the software updater, the antivirus software, possible blacklist downloads and for any user who could ssh into the server. An idea of how the Univention Configuration Registry works gives you this short video:

Domain-centric Approach

Secondly, there is the domain-centric approach to IT management. UCS itself has a role concept, which includes domain controllers and application servers and replicates users and settings throughout the domain. Thus if you have more than one mail server which needs to use the proxy, you can create a simple policy and distribute the settings to all servers. This, of course, also implies that a user only has to be provisioned once and can be enabled to use all applications within the domain from the Active Directory-compatible Domain Controller to Z-Push for Kopano, for example.

Univention App Center

Thirdly, the Univention App Center that provides even more functions via additional applications such as, for example, Kopano, ownCloud, SuiteCRM and many more. When installing them on UCS, you don't get unconfigured packages onto your hard disk, but they come with a complete configuration and integration into the management system including a transparent lifecycle management.

Web-based Management Console

The fourth and final feature is the web-based management console. It allows the administrator to control UCS, the users and most applications from the App Center via one central location. The convenient and intuitive management system, in turn, reduces the complexity of managing (new) users and the risk of unauthorized users accessing files and applications.

Where and How to get UCS

UCS is available in various “flavors”. All include the same fundamental system and the same features. However, they are preconfigured to run in different environments.

  • As an ISO image for the installation in your environment
  • As an AWS image
  • As a virtual machine image including a growing number of images for preconfigured applications

Univention provides UCS comes in two editions: Core and Enterprise. The Core Edition is available for free. It has the same features as the Enterprise Edition but comes without support and a limited maintenance period. Help is provided via the Univention forum.

In contrast to the Core Edition, the Enterprise Edition comes with maintenance subscription and support. Univention offers a five to seven years lifecycle for the major versions of UCS. The price depends on the number of servers and the number of users in the environment. Depending on the Enterprise subscription level, the yearly prices range from $ 349 to $ 2,049.


The system uses the same basic installation with only a slight variation depending on which of the different flavors you use. For example, you will need to partition the hard disk when using the ISO image and might need an activation email for the preconfigured applications. Thus, we will focus on the more significant configuration parts that all the flavors have in common.

Configuration of the Network

After the base installation for the ISO, or the log in for all others, UCS presents you with its setup dialog. The first question is about the language and location. The language question thereby only concerns the language for the installer. The management console will later be available in English, German and, optionally, French. You can also customize your location.


Next, you will need to configure the network. One thing of note here is, if you are planning to extend your UCS domain, have UCS take over or join a Windows domain, you will need to enter an existing domain controller as the preferred DNS server, otherwise UCS will not be able to join the domain.

ucs domain and network configuration

UCS Domain Settings

After configuring the network, you need to decide what role the UCS system should fulfill in your IT environment.

There are three primary choices:

  • Create a new domain from which you can manage all users and assets
  • Join an existing domain
  • Join an Active Directory domain as an application server
  • Do not use any domain; a choice with only limited use

 UCS domain setup

System Roles

If you choose to extend your UCS domain, you will again be presented with three choices:

  • Domain controller backup:
    a complete replacement of the master including the LDAP and certificates
  • Domain controller slave:
    a server with a read-only LDAP for applications that make heavy use of the LDAP such as groupware but which does not have all information needed to perform administrative functions
  • Member server: a lighter weight server without an LDAP that is ideal to serve as a file server or a basis for your CRM

UCS System role

Creation of a UCS Domain

First, select a password. On your domain controller master, the password will be used for both the local root account as well as for the LDAP management account administrator. You can later change the two passwords independently. On all other systems, the password is only for the local superuser root.

The page will optionally ask you for metadata around your organization which is later used to set some default values.

UCS Account information

Fully Qualified Domain Name (FQDN)

Next comes the name of your server. When configuring the domain controller master, you will need to provide a fully qualified domain name (FQDN). The part up to the first dot of which will comprise your hostname, the rest your domain name. You should be aware that the element between the first and second dot will be the name Windows user will see during login. Please do NOT choose your Internet domain as it will prevent your users from reaching your external services. The installer generates the LDAP base from the domain name and you should not change it unless there is a solid reason.

UCS Host settings

Software Installation

For on-premises, you can now install additional software. In all cases, you will be able to add further software via the Univention App Center later on. Here we now forward to confirming the settings.

Done - Where To Next

After completion of the configuration assistant, the interface will welcome you to explore its many features. From here you can now start extending the features of UCS, integrating it with other systems or start adding your users into the server.

Congratulations, you now have an open, flexible, and fully functioning IT and server management solution which you can adapt and extend to your own needs.








We publish blog post about open source products. If you are interested in sharing knowledge about open source products, please visit write for us

Subscribe to our newsletter.

We will send mail once in a week about latest updates on open source tools and technologies. subscribe our newsletter

Related Articles

ONLYOFFICE Document Server, an online office app for Nextcloud and ownCloud

  • office office-suite word spreadsheet

ONLYOFFICE Document Server is a free collaborative online office suite including viewers and editors for texts, spreadsheets and presentations, fully compatible with Office Open XML formats (.docx, .xlsx, .pptx). This article provides you the overview of ONLYOFFICE Document Server, its features, installation and integration with Nextcloud and ownCloud.

Read More

SeoToaster: easy, fast and efficient open source CMS for top SEO performance

  • cms content-management-system seo ecommerce

SeoToaster is a free Open Source CMS & Ecommerce solution to build, manage and market websites optimized for for top search engine performance. As the name implies, Seo Toaster is to date the only content management system (CMS) to truly integrate SEO execution and web marketing automation technology in full compliance with the search engines industry’s best practices.

Read More

Top 15 Open source alternative to Microsoft products

  • microsoft-alternative open-source-enterprise

Microsoft is monopoly in the commercial software. Here are 15 best alternatives to most popular and widely used Microsoft products.

Read More

LogicalDOC - Open Source DMS

  • dms document-management-system

LogicalDOC is both a document management and a collaboration system. The software is loaded with many functions and allows organizing, indexing, retrieving, controlling and distributing important business documents securely and safely for any organization and individual.

Read More

Activiti - Open Source Business Automation

  • business-automation business bpm

Activiti Cloud is the first Cloud Native BPM framework built to provide a scalable and transparent solution for BPM implementations in cloud environments. The BPM discipline was created to provide a better understanding of how organisations do their work and how this work can be improved in an iterative fashion.

Read More

Benefits in contributing to Open Source

  • open-source opensource contribute benifits

What the benefit will i get, if i contribute to Open Source? This is the frequently asked question by many people. I just want to pen down the benefits which i know and i hope you will agree with it.

Read More

AbanteCart - Easy to use open source e-commerce platform, helps selling online

  • e-commerce ecommerce cart php

AbanteCart is a free, open source shopping cart that was built by developers with a passion for free and accessible software. Founded in 2010 (launched in 2011), the platform is coded in PHP and supports MySQL. AbanteCart’s easy to use admin and basic layout management tool make this open source solution both easy to use and customizable, depending on the skills of the user. AbanteCart is very user-friendly, it is entirely possible for a user with little to no coding experience to set up and use this cart. If the user would be limited to the themes and features available in base AbanteCart, there is a marketplace where third-party extensions or plugins come to the rescue.

Read More

PrestaShop - A feature rich Open Source eCommerce solution

PrestaShop is an Open Source eCommerce Solution. It comes complete with over 310 features that have been carefully developed to assist business owners in increasing sales with virtually little effort. It is being used in more than 150,000 online stores.

Read More

Why Experienced Programmers Should Contribute to Open Source

  • contribute open-source participate foss

People who have taken programming as their career has to do coding for almost 30 years. Will they always get an opportunity to do complex tasks or to write project from scratch? The answer is NO. Sometimes they may get but not always. What should they do?

Read More

JHipster - Generate simple web application code using Spring Boot and Angular

  • jhipster spring-boot angular web-application

JHipster is one of the full-stack web app development platform to generate, develop and deploy. It provides the front end technologies options of React, Angular, Vue mixed with bootstrap and font awesome icons. Last released version is JHipster 6.0.1. It is licensed under Apache 2 license.

Read More

Scale up vs Scale out. First decision to make before moving to cloud

  • cloud scale-up scale-out scalability

Before moving to cloud, First decision to make is whether Scale up the hardware or Scale out with multiple systems. Both has its pros and cons.

Read More

React Patent Clause Licensing issue. Is it something to worry?

  • react react-license facebook

React libraries from Facebook is one of the most used UI libraries. It is competitive to AngularJS. There are many open source UI components or frameworks available but mostly people narrow down to two choices Angular / React. Recently Facebook has updated React license and added a patent clause which makes companies to worry and rethink whether to use React or not.

Read More

Holistic usage guide for OpenSSL

  • openssl security certificate tools

OpenSSL is a general purpose cryptographty toolkit that provides an open source implementation of Transport Layer Security(TLS) and Secure Socket Layer(SSL) protocols. It is written in C,assembly and Perl language but wrappers are available in all languages. This article explains about OpenSSL commands.

Read More

Introduction to Apache Cassandra

  • cassandra database nosql

Apache Cassandra was designed by Facebook and was open-sourced in July 2008. It is regarded as perfect choice when the users demand scalability and high availability without any impact towards performance. Apache Cassandra is highly scalable, high-performance distributed database designed to handle large voluminous amounts of data across many commodity servers with no failure.

Read More

mkcert - No config certificate authority tool

  • certificate ssl security cert go go-lang

Mkcert is go-lang project, which is super easy tool to setup certificate authority without any configuration. Using certificates are inevitable these days, data should be transferred in a secure communication channel. Buying a certificate is expensive and mostly companies buy certificates only for production systems. In Dev setup, if we use self-signed certificate then there will be trust errors. mkcert automatically creates and installs a local CA in the system root store, and generates locally-trusted certificates.

Read More

Is ZooKeeper mandatory for Cloud

  • zookeeper distributed cloud

Cloud is nothing but more than one system or application distributed across the network, across the globe. It may have couple of application servers, database server, shared data storage, backup server and lot more. The resources in the distributed environment must have information about each other so that they could co-ordinate and share without any issues. ZooKeeper helps to do that.

Read More

Laravel Paypal Integration - Smart button with server-side integration

  • laravel paypal smart-button

You would have seen a lot of blogs for paypal php integration with REST api which is driven completely in the backend. For checkout, paypal provides an easy way to checkout for client side ready-to-use smart button payment. This approach will work only from the frontend, which will not be safe and difficult to reconcile as the backend does not have any information about it. Server side integration with the paypal smart button will help us to reconcile or track the payments even after some issues in the users payment journey. In this blog, we have walkthrough the paypal smart button with server side php laravel integration.

Read More

Introduction to Light 4J Microservices Framework

  • light4j microservice java programming framework

Light 4j is fast, lightweight, secure and cloud native microservices platform written in Java 8. It is based on pure HTTP server without Java EE platform. It is hosted by server UnderTow. Light-4j and related frameworks are released under the Apache 2.0 license.

Read More

Understanding Web Real-Time Communication (WebRTC)

  • webrtc communication web

Web Real-Time Communication (WebRTC) is an open source project currently being developed with an aim to provide real time, peer-to-peer communication between web applications. WebRTC provides simple JavaScript APIs that help developers to easily build web applications with real time audio, video and data transfer capabilities. This blog has been written assuming that the reader has zero knowledge of how WebRTC works and hence have explained the entire working in detail using simple terms and analogies wherever possible. Let’s get started!

Read More

Web based commenting system. Embed directly in to your site

  • comment free commenting-system

Comments are very important for a blog or website to get feedback from their users. Comments could be threaded where users could be discuss and post reply to the comment. Here we going discuss about the most popular and widely used free commenting system. You need to embed their javascript code in your every page and it will take care the rest of the task.

Read More

We have large collection of open source products. Follow the tags from Tag Cloud >>

Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.