5.5. End User Self Service#
This section describes the End User Self Service that allows users to manage their contact information, reset their password, register for and remove their user account from Nubus without administrator interaction.
For information about setting a user password policy, see User password management.
See also
- Customization of self-service emails
in Univention Nubus for Kubernetes - Nubus Customization and Modification Manual [4] for information about customization of emails sent by the End User Self Service.
- User self services
in Univention Corporate Server - Manual for users and administrators [2] for information about customization of the End User Self Service in a UCS appliance environment.
5.5.1. Change user password through the Portal#
Every signed-in user can change their own password through the Portal. For instructions, see Portal in User password management.
5.5.2. Password management in the End User Self Service#
The End User Self Service is a separate web application. Users find the same modules in the Portal at
. It offers the following modules:My Profile
Protect your account
Change your password
Alternatively, you can reach the End User Self Service
directly through the endpoint /univention/selfservice/
.
5.5.3. Contact information#
Users can save additional personal data at the user account object in the Directory Service. The personal data can include the following information:
Profile picture
Contact information, such as a private address
By default, only administrators can modify user contact information. With the End User Self Service you can enable end users to manage selected account attributes themselves. Fig. 5.6 shows how editing the user profile data looks like.

Fig. 5.6 User profile through the End User Self Service#
5.5.4. Self registration#
The End User Self Service allows users to register themselves. The registration creates a user account that the user must verify through email.
The user workflow for the self registration is the following:
User creates their account in the Create an account dialog, see Fig. 5.7.
The End User Self Service sends an email for account verification to the provided email address.
The user opens the page to verify the account using the URL from the invitation email. See Verification email.
The user verifies the account using the token from the invitation email. See Account verification.
User accounts that users created through the End User Self Service
have the RegisteredThroughSelfService
attribute set to the value TRUE
and the PasswordRecoveryEmailVerified
attribute set to the value FALSE
.
After the user has verified their email address and completed the registration procedure,
the PasswordRecoveryEmailVerified
has the value TRUE
.
Fig. 5.7 shows the Create an account dialog during self registration.

Fig. 5.7 Account registration#
5.5.4.1. Verification email#
After a user clicked Create account in Self registration, the End User Self Service shows a message similar to Fig. 5.8 that it sent an email for Account verification.

Fig. 5.8 Sending the verification email#
5.5.4.2. Account verification#
After the user follows the link in the account verification email, the End User Self Service shows Account verification page similar to Fig. 5.9. It contains the username and the token from the verification email.

Fig. 5.9 Account verification#
If the user clicks Verify Account, the End User Self Service confirms with an account verification message similar to Fig. 5.10.

Fig. 5.10 Account verification message#
5.5.5. Self deregistration#
The End User Self Service allows users to request the deletion of their user account.
If a user has requested to delete their user account,
Nubus deactivates the user account and doesn’t delete it directly.
In addition,
it sets the DeregisteredThroughSelfService
attribute of
the user object to the value TRUE
and the DeregistrationTimestamp
attribute of the user account
to the current time in the GeneralizedTime LDAP syntax.
If the user account has the PasswordRecoveryEmail
attribute set with an email address,
the End User Self Service sends a notification email.