Authorized Entities Directory

Admin UI (web2ldap) // Password self-service // OATH enrollment

The agile IAM for DevOps

Authorized Entities Directory (Æ-DIR) is a Privileged Identity and Access Management (IAM/PIM/PAM) based on OpenLDAP

Objectives:

• Strictly follow need to know and least privilege principles
• Agile data maintenance by consequent delegation of manageable small areas
• Provide meaningful audit trails for compliance checks
• Secure defaults

You can find longer introductions in Æ-DIR conference presentations.

News:

• Currently finished:
  aehostd -- custom PAM/NSS demon
• New Æ-DIR slides available of talk at OSDC 2018
• Talk about hardening Æ-DIR at
  OWASP-KA, Karlsruhe, 2018-07-02
• Æ-DIR & OATH-LDAP talk at
  KA-IT-SI, Karlsruhe, 2018-12-13
• More about OATH-LDAP and SSH login listed on www.stroeder.com...