UCS 5.2-2 has been released

With Univention Corporate Server 5.2-2, the second patch level release for Univention Corporate Server (UCS) is now available.

UCS 5.2-2 provides several feature improvements and extensions, new properties as well as various improvements and bugfixes. Here is an overview of the most important changes:

  • Univention Corporate Server 5.2-2 introduces the univentionObjectIdentifier: a globally unique identifier for all objects managed via Univention Directory Manager. It simplifies object mapping to external systems and ensures consistent tracking across logs. The identifier is auto-generated for new objects; existing objects receive it during upgrade.
  • Keycloak 26 is now available in the App Center with enhanced security and new features. It comes with a new Ad Hoc Provisioning plugin which automatically creates Nubus user accounts. This enables seamless Single Sign-On access across connected applications for identities logging in via trusted external IdPs (e.g., Active Directory).
  • Univention Corporate Server 5.2-2 delivers major performance gains in Univention Directory Manager, notably for deleting computer objects and editing groups in large environments. A new diagnostic tool identifies LDAP database fragmentation — a key bottleneck in older, large deployments — and provides remediation guidance.
  • Various components of the Univention Management Console and App Center were hardened against cross-site scripting (XSS) attacks through stricter content sanitization and improved HTML encoding.
  • Univention Corporate Server 5.2-2 includes numerous security updates for packages such as curl, glibc, intel-microcode, openssl, firefox-esr, Linux kernel, and many others to ensure protection against the latest vulnerabilities.

Notes about the release, download and documentation can be found at the following resources:

Questions can be asked at Univention Help in the UCS category.