Main Objectives

• Strictly follow need to know and least privilege principles
• Agile data maintenance by consequent delegation of manageable small areas
• Provide meaningful audit trails for compliance checks
• Secure defaults

Key Features

• Fine-grained authorization
• Fine-grained delegation, ready-to-use role-model
• Role separation, multiple accounts per person
• Secure password handling, SSH key distribution
• Compatible to all LDAP enabled applications
• Two-factor authentication integrated with LDAP
• High availability out-of-the-box with LDAP server replicas
• TLS everywhere
• Service hardening out-of-the-box

Find longer introductions: Æ-DIR conference presentations.

News

• 2019-02-03 -- 5 min. talk at FOSDEM 2019: slapdcheck -- Monitoring OpenLDAP with Python
• 2018-12-16 -- pushed several repos to projct group ae-dir on GitLab
• 2018-12-13 -- German slides available of Æ-DIR talk at KA-IT-SI, Karlsruhe
• 2018-11-10 -- New release of aehostd -- custom PAM/NSS demon
• 2018-10-13 -- Slides available of Æ-DIR talk at GNU/LinuxDay Vorarlberg 2018
• 2018-10-08 -- Slides available of Æ-DIR lightning talks at 5th OpenLDAP Developers Day 2018:
  
  1. Using AppArmor/systemd for hardening
  2. Implementation details of aehostd