Since I moved from PostgreSQL as a user/auth backend on my small private server to LDAP on UCS last year, I always wanted to also use SAML SSO with e.g. Nextcloud as well.
Reconfigure UCS Single Sign On covers this setup, but instead of copy&pasting this step by step I collected these instructions in a notepad and adopted & replaced the variables as needed. In the end it looked like a deployment script that only needs some more enhancements.
After some tests and changes I had a working script that runs on Primary Directory Node, connects via SSH to the other UCS servers and execute the needed commands there.
You can find the script on Codeberg: Windfluechter/setupSSO.sh: Small script to setup SAML SSO for Univention UCS - setupSSO.sh - Codeberg.org
Maybe some find this script helpful, but keep in mind that you should always have a look at scripts from the Internet and never blindly trust them to do the right.
Feedback, bug reports and enhancements are very much appreciated via Codeberg.