Release notes for the installation and update of Univention Corporate Server (UCS) 5.2-1#

Publication date of UCS 5.2-1: 2025-03-11

Release highlights#

With Univention Corporate Server 5.2-1, the first patch level release for Univention Corporate Server 5.2 is available. It provides several feature improvements and extensions, properties, as well as, bug fixes. Here is an overview of the most important changes:

  • The performance of univention-directory-manager-modules has been improved, enabling faster modifications of very large groups.

  • Squid cache settings can now be manually configured for improved efficiency and performance.

  • Univention Corporate Server 5.2-1 includes various security updates, for example for openssh, BIND9, intel-microcode, Python 3.11, rsync, setuptools, and the Linux-6.1 kernel.

  • Univention Corporate Server 5.2-1 fixes various bugs across multiple packages, including univention-directory-manager-modules, univention-appcenter, univention-keycloak, univention-updater, and univention-self-service, enhancing stability and reliability.

Notes about the update#

Run the update in a maintenance window, because some services in the domain may not be available temporarily. It’s recommended that you test the update in a separate test environment before the actual update. The test environment must be identical to the production environment.

Depending on the system performance, network connection, and installed software, the update can take anywhere from 30 minutes to several hours. For large environments, consult UCS performance guide [1].

Simultaneous operation of UCS and Debian on UEFI systems#

Please note that simultaneous operation of UCS and Debian GNU/Linux on a UEFI system starting with UCS 5.0 isn’t supported.

The reason for this is the GRUB boot loader of Univention Corporate Server, which partly uses the same configuration files as Debian. An already installed Debian leads to the fact that UCS can’t boot (anymore) after the installation of or an update to UCS 5.0. A subsequent installation of Debian results in UCS 5.0 not being able to boot. For more information, refer to KB 17768.

Preparation of update#

This section provides more information you need to consider before you update.

Sufficient disk space#

Also verify that you have sufficient disk space available for the update. A standard installation requires a minimum of 6-10 GB of disk space. The update requires approximately 1-2 GB additional disk space to download and install the packages, depending on the size of the existing installation.

Console usage for update#

For the update, sign in on the system’s local console as user root, and initiate the update there. Alternatively, you can conduct the update using Univention Management Console.

If you want or have to run the update over a network connection, ensure that the update continues in case of network disconnection. Network connection interrupts may cancel the update procedure that you initiated over a remote connection. An interrupted update procedure affects the system severely. To keep the update running even in case of an interrupted network connection, use tools such as tmux, screen, and at. All UCS system roles have these tools installed by default.

Script to check for known update issues#

Univention provides a script that checks for problems which would prevent the successful update of the system. You can download the script before the update and run it on the UCS system.

# download
$ curl -OOf https://updates.software-univention.de/download/univention-update-checks/pre-update-checks-5.2-1{.gpg,}

# verify and run script
$ apt-key verify pre-update-checks-5.2-1{.gpg,} && bash pre-update-checks-5.2-1

...

Starting pre-update checks ...

Checking app_appliance ...                        OK
Checking block_update_of_NT_DC ...                OK
Checking cyrus_integration ...                    OK
Checking disk_space ...                           OK
Checking hold_packages ...                        OK
Checking ldap_connection ...                      OK
Checking ldap_schema ...                          OK
...

Post processing of the update#

Following the update, you need to run new or updated join scripts. You can either use the UMC module Domain join or run the command univention-run-join-scripts as user root.

Subsequently, you need to restart the UCS system.

Please verify the PostgreSQL version on all UCS systems that updated to UCS 5.2. As UCS 5.2 ships Version 15 of PostgreSQL, updated systems may need migration from PostgreSQL 11. For the recommended migration steps, see KB 22162.

Notes on selected packages#

The following sections inform about some selected packages regarding the update.

Collection of usage statistics#

When using the UCS Core Edition, UCS collects anonymous statistics on the use of Univention Management Console. The modules opened get logged to an instance of the web traffic analysis tool Matomo. Usage statistics enable Univention to better tailor the development of Univention Management Console to customer needs and carry out usability improvements.

You can verify the license status through the menu entry License ‣ License information of the user menu in the upper right corner of Univention Management Console. Your UCS system is a UCS Core Edition system, if the License information lists UCS Core Edition under License type.

UCS doesn’t collect usage statistics, when you use an Enterprise Subscription license such as UCS Base Subscription or UCS Standard Subscription.

Independent of the license used, you can deactivate the usage statistics collection by setting the Univention Configuration Registry Variable umc/web/piwik to false.

Changelog#

You find the changes since UCS 5.2-0 in Changelog for Univention Corporate Server (UCS) 5.2-1.

Bibliography#

[1]

UCS performance guide. Univention GmbH, 2021. URL: https://docs.software-univention.de/ext-performance/5.2/en/.