{"guid":"dVYz0GFKsKPfIUQDmTJmqQ","title":"Æ-DIR -- Authorized Entitites Directory","subtitle":"Identity and Access Management with OpenLDAP","slug":"2240-ae-dir-authorized-entitites-directory","link":"https://c3voc.de","description":"This talk will present a concept and real-world implementation of an identity and access management system (IAM) purely based on OpenLDAP.\n\nThe main goal of Æ-DIR (besides challenging Unicode handling in various software with its name) is to follow the delegation, need-to-know and least-privilege principles as strictly as possible. The visibility of user, group, sudoers, etc. is limited by OpenLDAP’s set-based ACLs. All systems and services, no exception(!), have to individually authenticate to be authorized to access Æ-DIR.\n\nThe talk will give some additional information about the secure base configuration of OpenLDAP and a special NSS/PAM caching demon developed for lower resource usage.\n\nThis talk will present a concept and real-world implementation of an identity and access management system (IAM) purely based on OpenLDAP.\n\nThe main goal of Æ-DIR (besides challenging Unicode handling in various software with its name) is to follow the delegation, need-to-know and least-privilege principles as strictly as possible. The visibility of user, group, sudoers, etc. is limited by OpenLDAP’s set-based ACLs. All systems and services, no exception(!), have to individually authenticate to be authorized to access Æ-DIR.\n\nThe talk will give some additional information about the secure base configuration of OpenLDAP and a special NSS/PAM caching demon developed for lower resource usage.","original_language":"eng","persons":["stroeder"],"view_count":104,"promoted":false,"date":"2019-05-26T00:00:00.000+02:00","release_date":"2019-05-26T02:00:00.000+02:00","updated_at":"2026-01-01T20:15:24.688+01:00","tags":["osc19","2240","Open Source"],"length":2668,"duration":2668,"thumb_url":"https://static.media.ccc.de/media/events/osc/2019/2240-hd.jpg","poster_url":"https://static.media.ccc.de/media/events/osc/2019/2240-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/events/osc/2019/2240-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/events/osc/2019/2240-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/2240-ae-dir-authorized-entitites-directory","url":"https://api.media.ccc.de/public/events/dVYz0GFKsKPfIUQDmTJmqQ","conference_title":"openSUSE Conference 2019","conference_url":"https://api.media.ccc.de/public/conferences/osc19","related":[{"event_id":2899,"event_guid":"0c8f0e98-92ee-42ba-aa75-04fc50344904","weight":1},{"event_id":2922,"event_guid":"47cbd880-f500-4c44-b717-c11ed1da087d","weight":1},{"event_id":4667,"event_guid":"9b3292f5-f7bd-49f9-8c2b-5dc98d72e6a4","weight":1},{"event_id":4944,"event_guid":"868fbf54-2007-4c0e-9af3-63384bed9fa6","weight":1},{"event_id":5076,"event_guid":"bb239a0d-bf40-5e30-bc9b-aa060640eeab","weight":1},{"event_id":5562,"event_guid":"FCDA2jM81L7uJcD1iXje6A","weight":1},{"event_id":6166,"event_guid":"dc642b96-2b89-5aeb-b086-c64c66d27e93","weight":1},{"event_id":7059,"event_guid":"drBsJm1OspmodxlcUlVZoA","weight":3},{"event_id":7062,"event_guid":"FYZNn_oSKwNj28O6WUViuw","weight":5},{"event_id":7078,"event_guid":"-TfWXwLFMvJx2yy1UQ6iTg","weight":2},{"event_id":7079,"event_guid":"UXkaWhL6nt_30m-UEalVMQ","weight":3},{"event_id":7080,"event_guid":"G-fbiDSrJ6ifAOEPW1PmZA","weight":2},{"event_id":7081,"event_guid":"V5TLukgwdAbRwzDYdJDPMg","weight":2},{"event_id":7082,"event_guid":"jot9JzhThXaI-bg4lHKeIQ","weight":1},{"event_id":7089,"event_guid":"xEWoNyjCI4ExTDHTer-QWw","weight":7},{"event_id":7090,"event_guid":"tcqG0x1tb0cojdtR4-QsFw","weight":2},{"event_id":7094,"event_guid":"-CVvXbWXJE9qM7F5NaSGGQ","weight":1},{"event_id":7098,"event_guid":"2cb7b45b-af85-5ee7-981d-5b4265d4e342","weight":6}],"recordings":[{"size":148,"length":2668,"mime_type":"video/mp4","language":"eng","filename":"osc19-2240-eng-AE-DIR_--_Authorized_Entitites_Directory_hd.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2019-05-26T15:39:35.441+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2019/h264-hd/osc19-2240-eng-AE-DIR_--_Authorized_Entitites_Directory_hd.mp4","url":"https://api.media.ccc.de/public/recordings/35575","event_url":"https://api.media.ccc.de/public/events/dVYz0GFKsKPfIUQDmTJmqQ","conference_url":"https://api.media.ccc.de/public/conferences/osc19"},{"size":25,"length":2668,"mime_type":"audio/opus","language":"eng","filename":"osc19-2240-eng-AE-DIR_--_Authorized_Entitites_Directory_opus.opus","state":"new","folder":"opus","high_quality":false,"width":0,"height":0,"updated_at":"2019-05-26T15:44:54.219+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2019/opus/osc19-2240-eng-AE-DIR_--_Authorized_Entitites_Directory_opus.opus","url":"https://api.media.ccc.de/public/recordings/35581","event_url":"https://api.media.ccc.de/public/events/dVYz0GFKsKPfIUQDmTJmqQ","conference_url":"https://api.media.ccc.de/public/conferences/osc19"},{"size":40,"length":2668,"mime_type":"audio/mpeg","language":"eng","filename":"osc19-2240-eng-AE-DIR_--_Authorized_Entitites_Directory_mp3.mp3","state":"new","folder":"mp3","high_quality":false,"width":0,"height":0,"updated_at":"2019-05-26T15:45:34.161+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2019/mp3/osc19-2240-eng-AE-DIR_--_Authorized_Entitites_Directory_mp3.mp3","url":"https://api.media.ccc.de/public/recordings/35582","event_url":"https://api.media.ccc.de/public/events/dVYz0GFKsKPfIUQDmTJmqQ","conference_url":"https://api.media.ccc.de/public/conferences/osc19"},{"size":64,"length":2668,"mime_type":"video/mp4","language":"eng","filename":"osc19-2240-eng-AE-DIR_--_Authorized_Entitites_Directory_sd.mp4","state":"new","folder":"h264-sd","high_quality":false,"width":720,"height":576,"updated_at":"2019-05-26T15:46:05.392+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2019/h264-sd/osc19-2240-eng-AE-DIR_--_Authorized_Entitites_Directory_sd.mp4","url":"https://api.media.ccc.de/public/recordings/35583","event_url":"https://api.media.ccc.de/public/events/dVYz0GFKsKPfIUQDmTJmqQ","conference_url":"https://api.media.ccc.de/public/conferences/osc19"},{"size":77,"length":2668,"mime_type":"video/webm","language":"eng","filename":"osc19-2240-eng-AE-DIR_--_Authorized_Entitites_Directory_webm-sd.webm","state":"new","folder":"webm-sd","high_quality":false,"width":720,"height":576,"updated_at":"2019-05-26T15:53:05.415+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2019/webm-sd/osc19-2240-eng-AE-DIR_--_Authorized_Entitites_Directory_webm-sd.webm","url":"https://api.media.ccc.de/public/recordings/35588","event_url":"https://api.media.ccc.de/public/events/dVYz0GFKsKPfIUQDmTJmqQ","conference_url":"https://api.media.ccc.de/public/conferences/osc19"},{"size":189,"length":2668,"mime_type":"video/webm","language":"eng","filename":"osc19-2240-eng-AE-DIR_--_Authorized_Entitites_Directory_webm-hd.webm","state":"new","folder":"webm-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2019-05-26T16:03:39.162+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2019/webm-hd/osc19-2240-eng-AE-DIR_--_Authorized_Entitites_Directory_webm-hd.webm","url":"https://api.media.ccc.de/public/recordings/35593","event_url":"https://api.media.ccc.de/public/events/dVYz0GFKsKPfIUQDmTJmqQ","conference_url":"https://api.media.ccc.de/public/conferences/osc19"}]}