• Home
  • Become a Hacker
    • Get Started
    • Hacker Mindset
    • Roadmap
    • Simple Setup – Hacker 101
    • Types of Hackers
    • Recommended Courses
  • Boot People Offline
  • Courses
    • All Hacking Courses
    • Cyber Security School
  • CTF
    • Beginners to Advanced Guide
    • Create your own CTF box
    • Field and Resources Guide
    • Platforms & Wargames
    • Tools Used for Solving CTF
    • Writeups
  • Dark Web
    • Beginners Guide
    • Darknet Markets
    • Darkweb 101 (Anonymity Guide)
    • Dark Web OSINT Tools
    • Hacking Forums
    • Latest News
    • Onion Links
  • Hacker Gadgets
  • Hacking Books
  • Tools Directory
Menu
  • Home
  • Become a Hacker
    • Get Started
    • Hacker Mindset
    • Roadmap
    • Simple Setup – Hacker 101
    • Types of Hackers
    • Recommended Courses
  • Boot People Offline
  • Courses
    • All Hacking Courses
    • Cyber Security School
  • CTF
    • Beginners to Advanced Guide
    • Create your own CTF box
    • Field and Resources Guide
    • Platforms & Wargames
    • Tools Used for Solving CTF
    • Writeups
  • Dark Web
    • Beginners Guide
    • Darknet Markets
    • Darkweb 101 (Anonymity Guide)
    • Dark Web OSINT Tools
    • Hacking Forums
    • Latest News
    • Onion Links
  • Hacker Gadgets
  • Hacking Books
  • Tools Directory
Search
Close
  • Home
  • 2017
  • August
  • 2
  • Meet Univention: Linux Alternative To Windows Domain Controller

Meet Univention: Linux Alternative To Windows Domain Controller

August 2, 2017 Comments Off on Meet Univention: Linux Alternative To Windows Domain Controller
download univention how to setup univention Linux Alternative To Windows Domain Controller linux domain controller setup domain controller on linux

Univention Corporate Server (UCS) is a Linux-based solution to manage your IT infrastructure.

It is close in concept to a Windows Domain Controller or a NIS server. While all the building blocks (OpenLDAP, Kerberos, Samba and so on) are largely available and already deployed on countless networks, UCS aims at lowering the entry barrier for switching to a Linux-based network infrastructure.

Instead of tweaking configuration files and handling interoperability issues by yourself, UCS provides a Web-based interface to manage your domain, including computers, users, shares and many other entities.

We talk about UCS here because this is an open source solution based on Debian. You can checkout the sources from the SVN repository here. Not only Univention promotes the use of Linux server-side, but client-side too, since they provide very mature Ubuntu support including image rollout and remote administration.

Discovering Univention Corporate Server

The core functionality of an enterprise server is to manage users and groups, devices (computers, printers) and network (DHCP, DNS). UCS aims at being much more than that because of its pluggable architecture. Simply said, you can add “modules” or “apps” that will add extra services to your server.

UCS is designed to operate as well as in a Linux-only environment and in a heterogeneous Linux, MacOS X, and Windows environment through Samba and Active Directory support.

For Linux on the desktop, Univention provides customized Ubuntu images that can be remotely installed and maintained on the client via PXE. I didn’t test that, but apparently, you can build your own custom images, which is a must to tailor the users’ environment to their needs.

Modular design

As part of their solution, Univention UCS supports what they call “Apps” whose goal is to add services on top the core UCS infrastructure.

Some apps are provided and supported by Univention. Some other by third parties. Through apps, you can add to your UCS server support for common enterprise services such as email handling with Fetchmail and AV Mail or printing with CUPS as well as a couple of business-oriented CMS.

Other apps may be used to improve Windows integration (Integrate UCS in existing Active Directory or Office 365 single sign-on). Finally, task-oriented apps are available too, notably to support developer tools (JIRA, Jenkins) and VM or cloud users.

Some of the applications--or «Apps»--available for UCS

Surprisingly enough I didn’t find any Database-related app. As of today, you cannot manage MariaDB or MongoDB through UCS. But this will surely come as third party Apps.

Who is behind Univention?

Univention Gmbh is a Germany-based enterprise. Behind Univention, there is Peter Ganten who is as of 2017 the chairman of the Open Source Business Alliance— a German lobbying group promoting the open-source movement.

How much does that cost?

The Univention system is based on open-source software. And you can use the “Core Edition” free of charges. Business users will probably turn toward a yearly subscription through in order to have business-class support.

The subscription includes fixed yearly fees for the server and per-client license fees after the first 10 clients.

Pricing details are available on Univention website.

First experience with UCS

In order to have the first taste of UCS, I’ve set up a small virtual network made of one server and a couple of client hosts. UCS is only available for Intel/AMD 64-bit environment. And I used Qemu/KVM virtual machines on an Intel Core i7 host for that test.

My test UCS server was installed from the just released UCS-4.2 DVD ISO. For the clients, I used the Univention Corporate Client (UCC) module to roll out the Univention-customized Ubuntu image on them. Except for one client which was a newly installed genuine Debian Jessie system.

I reserved 2GB of RAM for the server and 1GB for each client.

My test machines

Server installation

The server installation went flawlessly and the process should be familiar to anyone already having installed Debian or a Debian-derivative in graphical mode.

While setting up the server, you can install a couple of modules (CUPS, Fetchmail, Sendmail, RADIUS, Squid, Nagios, … ) In addition, you can install the KDE desktop environment if you want to access the web-based administration interface from the server itself rather than remotely. I didn’t use that later option myself, as I intended to access the web interface using my standard browser running on the VM host. Given the limited resources of my test system, I performed a rather minimal UCS installation.

I must say the UCS server installation and usage was incredibly easy— once I fixed a couple of initial misunderstanding:

  • The administrative account is “Administrator” — not “root”
  • Despite its name, the Univention Corporate Client (UCC) is not the client software, but a server module used to manage clients.

Could you believe it, I had to contact the Univention support to understand that! I take that occasion to thank them all— as, while not being a paid user, the people at Univention were incredibly supportive and pointed me to the right direction.

Worth mentioning for core (aka, non-paying) users, there is a community support through a forum— but it was down when I started testing UCS. It was back online a few days later and has proven to be a great source of information from there— even if many threads are written in German.

UCC client installation

Once I finally understood what UCC was, installing the Ubuntu client machine was a formality. Through the UCS administration interfaces you “create” your computer by registering their name, MAC address, and subnet (for IP address assignation)–and choose the image to install on the next boot.

Image management setup for UCC clients

You then have to ensure your client will boot on PXE–et voila. At the next client startup, it will get a DHCP address and boot image from the server, and after confirmation, the configured disk image will be installed onto the client hard drive.

Few minutes after that you will have a working Ubuntu client, having joined the domain and you can log into that system using the credential for users created in the UCS administration console. No need to say you can install several clients at the same time.

Post navigation

How to Bypass SMS Verification of any Website/Service
DroidSheep – Arp Spoofing APP for Android

Related Articles

BlackArch Linux v2019.09.01 – Penetration Testing Distribution

- Operating Systems
September 9, 2019

Commando VM v2.0 – The First Full Windows-based Penetration Testing OS

- Operating Systems
August 9, 2019

OPS City – Build and Run Nanos Unikernels

- Operating Systems
July 9, 2019
hacker gadgets
hacker phone covers

Recent Posts

CVE-2023-25135: Pre-authentication RCE Vulnerability on vBulletin

CVE-2023-25135: Pre-authentication RCE Vulnerability on vBulletin

February 3, 2023
Aws-Security-Assessment-Solution - An AWS Tool To Help You Create A Point In Time Assessment Of Your AWS Account Using Prowler And Scout As Well As Optional AWS Developed Ransomware Checks

Aws-Security-Assessment-Solution – An AWS Tool To Help You Create A Point In Time Assessment Of Your AWS Account Using Prowler And Scout As Well As Optional AWS Developed Ransomware Checks

February 3, 2023
CVE-2023-0179 PoC

Researcher Publishes PoC Exploit for Privilege Escalation Flaw (CVE-2023-0179) in Linux Kernel

February 3, 2023
CVE-2022-21587 & CVE-2023-22952 Vulnerabilities Being Exploited in Attacks

CVE-2022-21587 & CVE-2023-22952 Vulnerabilities Being Exploited in Attacks

February 3, 2023
Android-PIN-Bruteforce: bruteforcing the lockscreen PIN

Android-PIN-Bruteforce: bruteforcing the lockscreen PIN

February 2, 2023
Suborner - The Invisible Account Forger

Suborner – The Invisible Account Forger

February 2, 2023

Social Media Hacking

SocialPath – Track users across Social Media Platforms

SocialPath – Track users across Social Media Platforms

- Social Media Hacking
October 16, 2019October 16, 2019

SocialPath is a django application for gathering social media intelligence on specific username. It checks for Twitter, Instagram, Facebook, Reddit...

SocialScan – Check Email Address and Username Availability on Online Platforms

SocialScan – Check Email Address and Username Availability on Online Platforms

June 17, 2019
Shellphish – Phishing Tool For 18 Social Media Apps

Shellphish – Phishing Tool For 18 Social Media Apps

June 10, 2019July 27, 2019
WhatsApp Hacking using QRLJacking

WhatsApp Hacking using QRLJacking

May 2, 2019May 19, 2019
How to Hack any Facebook Account with Z-Shadow

How to Hack any Facebook Account with Z-Shadow

April 26, 2019June 29, 2020
hacker buffs

About Us

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Join Our Community!

Please wait...
Get the latest News and Hacking Tools delivered to your inbox.
Don't Worry ! You will not be spammed

Active Members

Submit a Tool

Hackers Handbook 2018


Grab your copy here

ABOUT US

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Our primary focus revolves around the latest tools released in the Infosec community and provide a platform for developers to showcase their skillset and current projects.

COMPANY
  • Contact Us
  • Disclaimer
  • Hacker Gadgets
  • LANC Remastered
  • PCPS IP Puller
  • Privacy Policy
  • Sitemap
  • Submit your Tool
Menu
  • Contact Us
  • Disclaimer
  • Hacker Gadgets
  • LANC Remastered
  • PCPS IP Puller
  • Privacy Policy
  • Sitemap
  • Submit your Tool
Live Chat
RESOURCES
  • Attack Process
  • Become a Hacker
  • Career Pathways
  • Dark Web
  • Hacking Books
  • Practice Your Skills
  • Recommended Courses
  • Simple Setup – Hacker 101
Menu
  • Attack Process
  • Become a Hacker
  • Career Pathways
  • Dark Web
  • Hacking Books
  • Practice Your Skills
  • Recommended Courses
  • Simple Setup – Hacker 101
Get Started
TOOLBOX
  • Anonymity
  • Bruteforce
  • DoS – Denial of Service
  • Information Gathering
  • Phishing
  • SQL Injection
  • Vulnerability Scanners
  • Wifi Hacking
Menu
  • Anonymity
  • Bruteforce
  • DoS – Denial of Service
  • Information Gathering
  • Phishing
  • SQL Injection
  • Vulnerability Scanners
  • Wifi Hacking
Tools Directory

2014 – 2020 | Haxf4rall.com               Stay Connected:

Facebook Twitter Google-plus Wordpress
Please wait...

Join Our Community

Subscribe now and get your free HACKERS HANDBOOK

Don't Worry ! You will not be spammed
SIGN UP FOR NEWSLETTER NOW