Table of Contents
With Univention Corporate Client (UCC) 2.1 the first minor release update of UCC is now available.
UCC is now Citrix Ready certified. This allows Univention to provide the Citrix Receiver with UCC thin client images. Citrix Receiver is responsible for the connection to Citrix environments from a thin client operated with UCC. The UCC setup wizard still allows the manual installation of specific Citrix Receiver versions.
Support for UCC Image site servers has been added. UCC computer objects can now be configured to use a specific server to download UCC Images from.
UCC 2.1 images use the newer Linux kernel and Xorg X11 server version from Kubuntu Utopic by default. UCC 2.1 is based on Kubuntu 14.04 and will receive its software and security updates.
UCS installations, in which the master domain controller was installed in a release older than 2.3 still use MD5 as the hashing algorithm for the SSL certificates. Later releases use SHA-1 as the hashing algorithm. UCC clients cannot join a domain still using MD5 hashes. The necessary steps to migrate a UCS domain from MD5 to SHA-1 are documented in the Univention Support Database (SDB 1150).
With the release of Univention Corporate Client 2.1 Univention announces the discontinuation of XRDP terminal services on UCC for the next major release UCC 3.0. This does not affect functionality and support for XRDP UCC terminal services on UCC 2.
su
Switching from one non-root user account to another non-root user account with the
su command doesn't work. Switching to the root account is not affected.
The underlying bug cannot be easily fixed as it would lead to invasive changes. As a
workaround it is possible to first switch to root and then switch to the user account, e.g.
$ su root
$ su testuserMore information can be found at Bug 30243.
If the user password is changed during the login at the LightDM Login Manager (e.g., because the user option is activated or because a password has expired), the password change is effected via Kerberos. This Kerberos password change is not "visible" for PAM modules executed after authentication. The RDP session script and the PAM module for mounting the home directory via CIFS, however, access the cached password and, as a result, the login fails the first time. The correct password is then available for the second login attempt.
Listed are the changes since UCC 2.0:
ucc-image-add-citrix-receiver script now cleans
out the local repository of retrieved package files
(Bug 38741).
ucc-image-add-citrix-receiver script now installs
packages more reliably by using the dpkg parameters --force-confnew --force-overwrite --force-overwrite-dir (Bug 38905).
ucc-image has been adapted to support creating large ISO files on UCS 4 (Bug 38906).
xrandr parameter for querying the display devices
(Bug 38678).
/ is now mounted with option 755 when using overlayfs (Bug 38925).
/dev/sda or /dev/sdb) on removable USB devices are no longer mounted on to thin clients (UCC desktop systems are not
affected), since this could lead to delays in freeing unmounted devices in terminal services like RDP or Citrix.
The old behaviour can be restored by setting the UCR variable ucc/mount/fullpartition to true (Bug 36717).
/opt/Citrix/ICAClient/usb.conf.
USB redirect rules can be configured with the UCR variable ucc/xenapp/ctxusb/rules (Bug 38925).
ucc/firefox/defaults/rememberSignons to 'user_pref("signon.rememberSignons",false);' by default.
This prevents a recurring pop-up in Firefox when accessing Citrix terminal services (Bug 38932).
ldap/server/name if ucc/mount/cifshome/server is unset (Bug 35111).
cifsmount stanza is now only written if ucc/mount/cifshome/server is set (Bug 35111).
ucc/ldap/network/timeout.
The default is 10 seconds (Bug 36325).
ucc/ldap/timeout: Time-out for LDAP queries.
ucc/ldap/timelimit: Maximum duration of LDAP queries
If unset, the default for all variables is ten seconds (Bug 37321).