Change UCS portal to be accessible under http://domain/ NOT http://host.domain


#1

Hello UCS experts!
I am getting familiar with UCS in general, learning to set it up and deploying it for a variety of uses. I have to commend the developers for a fine product, that seem to work well.

I am, however, coming with command line background, and as such at times find difficult to find the right setting, even when is there right under my nose…

Such as I would like to make the UCS portal to be accessible under https://domain.name and not what is currently https://host.domain name?
I do not see anywhere in the stock 4.2 UCS a SERVERNAME in the apache2 configs, thus the web server figures out the FQDN as hostname.domain to be used as servername.
How to change this?

Perhaps I need to make an entry in the DNS to point the domain name to an host ip address, but could not achieve that either.
This is easy by editing the apache config and bind9 config files but warnings are there: do not edit these files… so how to do it in UCS. Can someone please help?
Thanks, Lleo


#2

Hi,
adding DNS records can be done in the mamangement portal, under “domain” , “dns”.

I think you can either add the full domain with the ip address of the server, ie:
192.168.1.1 host.domain.tld
192.168.1.1 domain.tld

Or you might try a cname entry, although I am not sure if that’ll work out.


#3

thanks for your reply. I did not elaborate on this earlier, but reason I could not add DNS entry to point to domain is that the module in domain/dns requires a mandatory entry for host name both for CNAME or ALIAS entry.

Can you clarify how to create a record to have just domain pointed to an ip?

Separately I assume that I will need to edit the univention templates that create the apache2 config files to make the vhost entries pointed to domain only? This since VirtualHost *:80 will respond to both http://host.domain and http://domain URLs


#4

You were absolutely right. UCS doesn’t offer this apparently.

To be honest - and from experience: I’d always stick with hostname.domain.tld.
You can always set a nicer alias for the hostname.

But setting one server for the whole domain … it more often got me into major trouble than it actually solved something.
Especially when using services like LDAP or Active Directory, issues are bound to pop up!


#5

OK, thanks for confirming. Well, I can always resort to manually edit the config files, but the whole point in UCS is to not do that.

The reason for pointing this server to a domain is to avoid alerts in browsers of mismatched security certificates.
Anyone else able to point their domain.tld to an IP address in UCS?


#6

Mismatched Security certs?
Either you have certs assigned to hostnames (1 or more - up to 5 if I’m not mistaking) or to wildcards.

By default, UCS will use its own, selfsigned certs.
If it’s just for testing: Try comodo certs or Let’s Encrypt (If possible under UCS).


#7

You can create your own portal page with your preferred FQDNs and aliases.
This tutorial is in german, but the screenshots will guide you through the process.


#8

Thanks @onex for the link! Werde ich mir mal in Ruhe anschauen.


#9

thanks onex for your reply.
what is the role/meaning of the “activated” setting under advanced for a portal entry?


#10

I think, you can switch this entry on and off with this setting, but I haven’t tested it. :slight_smile: