Æ-DIR -- Authorized Entitites Directory
Identity and Access Management with OpenLDAP
Michael started using SUSE Linux back in the 90s. Since 20 years he works as a freelancer in the field of identity and access management and applied crypto.
No video of the event yet, sorry! Meanwhile...
This talk will present a concept and real-world implementation of an identity and access management system (IAM) purely based on OpenLDAP.
The main goal of Æ-DIR (besides challenging Unicode handling in various software with its name) is to follow the delegation, need-to-know and least-privilege principles as strictly as possible. The visibility of user, group, sudoers, etc. is limited by OpenLDAP’s set-based ACLs. All systems and services, no exception(!), have to individually authenticate to be authorized to access Æ-DIR.
The talk will give some additional information about the secure base configuration of OpenLDAP and a special NSS/PAM caching demon developed for lower resource usage.
- 2019 May 26 - 14:00
- 45 min
- openSUSE Conference 2019
- Open Source
- Business Applications as Free Software - Demystifying FUD
- Start Time:
- 2019 May 26 14:00
- Saal (Main Hall)