Authorized Entities Directory
Admin UI (web2ldap) // Password self-service // OATH enrollment
The agile IAM for DevOps
Authorized Entities Directory (Æ-DIR) is a Privileged Identity and Access Management (IAM/PIM/PAM) based on OpenLDAP
News:
- Bugfix update available for aehostd -- custom PAM/NSS demon
- Slides available of Æ-DIR lightning talks at 5th OpenLDAP Developers Day 2018
- Slides available of Æ-DIR talk at GNU/LinuxDay Vorarlberg 2018
- Æ-DIR lightning talk at Open Source Summit Paris, Paris, 2018-12-06
- Æ-DIR talk at Open Source Summit Paris, Paris, 2018-12-06
- Æ-DIR & OATH-LDAP talk at KA-IT-SI, Karlsruhe, 2018-12-13
Main Objectives
- Strictly follow need to know and least privilege principles
- Agile data maintenance by consequent delegation of manageable small areas
- Provide meaningful audit trails for compliance checks
- Secure defaults
Key Features
- Fine-grained authorization
- Fine-grained delegation, ready-to-use role-model
- Role separation, multiple accounts per person
- Secure password handling, SSH key distribution
- Compatible to all LDAP enabled applications
- Two-factor authentication integrated with LDAP
- High availability out-of-the-box with LDAP server replicas
- TLS everywhere
- Service hardening out-of-the-box
Find longer introductions: Æ-DIR conference presentations.