UCS 2.4 - Univention
UCS 2.4 - Univention
UCS 2.4 - Univention
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
9 Desktop systems<br />
9.2 Desktop system roles<br />
<strong>UCS</strong> contains three different desktop system roles which can be administrated in <strong>Univention</strong> Directory<br />
Manager and were each optimally conceived with a specific field of application in mind.<br />
The desktop environment can also be installed on any server system role.<br />
9.2.1 Thin clients<br />
Thin clients are systems which do not include a hard drive. These systems boot over the network from a<br />
DC Master, DC Backup or DC Slave server, which acts like a boot server and allows registration on a <strong>UCS</strong><br />
or Windows terminal server.<br />
When a user logs on to a thin client, the user’s request is forwarded to the authentication server. If<br />
authentication on the server is successful, a check is performed for whether the home directory is available<br />
locally or must be called up and mounted from another server. Users can be logged on to several clients<br />
at the same time, but some applications, e.g. Kontact, can only be used in one user session at a time.<br />
Having several, simultaneous sessions running can lead to unstable processes. This means that although<br />
working on two workstations is possible, it is not recommended.<br />
Thin clients offer no locally installed files, as all software is installed on a server system (the so-called client<br />
base system). This central administration means that the necessary maintenance work for the installed<br />
software is considerably reduced. Thin clients cannot be operated when they are not linked up to the<br />
server systems. From the thin client, the user has access to all resources of the domain as long as any<br />
relevant permissions have been granted. In addition, thin clients can use local printers connected via USB<br />
or parallel ports.<br />
9.2.2 Managed clients<br />
<strong>UCS</strong> systems are classified as managed clients when they have a local <strong>UCS</strong> installation and access to the<br />
services on the server system. Managed clients can be administrated in <strong>Univention</strong> Directory Manager<br />
and usually employ central repository servers for package maintenance. Authentication is performed via<br />
an LDAP server or using locally cached log-in information.<br />
Managed clients have a locally installed operating system, which allows them to boot without the need for<br />
a network connection. The users’ home directories are saved locally and only available for one client. It<br />
is also possible to save the home directories on a central server; this is described in 9.7. In this case, a<br />
network connection to this server is necessary for the log-in.<br />
The log-in and user information and group memberships of the last three users to log on are cached in<br />
the managed client - the number of log-ins cached can be configured in <strong>Univention</strong> Configuration Registry<br />
variable auth/passwdcache/max_user - so that these users can be authenticated without the need for<br />
a network connection. If the password for this user is changed in the <strong>Univention</strong> Directory Manager whilst<br />
the client is not connected to the domain controller via the network, the user will still need to log-in using<br />
his old password. The password change will be adopted with the next connection to the network.<br />
204