Æ-DIR -- Authorized Entities Directory 0.35.0
Authorized Entities Directory (Æ-DIR) is a Privileged Identity and Access Management (IAM/PIM/PAM) based on OpenLDAP Objectives: * Strictly follow need to know and least privilege principles * Agile data maintenance by consequent delegation of manageable small areas * Provide meaningful audit trails for compliance checks * Secure defaults
Recent Releases
0.35.010 Nov 2022 11:11
minor feature:
Update to web2ldap 1.8.0. More hardening. Various other small improvements and fixes.
0.34.622 Jun 2022 05:59
minor feature:
Various updates and small fixes.
0.34.320 Apr 2022 15:48
minor feature:
Support installing on upcoming Ubuntu 22.04 LTS.
0.34.212 Apr 2022 18:09
minor feature:
Enabled overlay slapo-authzid which implements RFC 3829.
0.34.110 Apr 2022 15:30
minor feature:
Various other software updates and minor configuration changes.
0.33.016 Feb 2022 23:59
minor feature:
Added support for installing on Arch Linux, and various other software updates.
0.32.119 Dec 2021 16:04
minor feature:
web2ldap update and new mtail-based log metrics.
0.32.016 Dec 2021 00:23
major feature:
Many software updates and fixes.
0.29.006 Sep 2021 09:18
major feature:
Update to OpenLDAP 2.5, new Debian/Ubuntu repos, many software updates, added support for Debian bullseye, AlmaLinux and Rocky Linux.
0.27.730 Jul 2021 08:43
major feature:
Added LSB id mappings for installing on Rocky Linux 8.4. More flexible handling of variable openldap_db_params.
0.27.431 May 2021 15:22
major feature:
Added LSB id mappings and repo entries for installing on AlmaLinux 8.4 and openSUSE Leap 15.3.
0.27.218 May 2021 05:41
minor bugfix:
Fixes for HTML templates.
0.27.016 May 2021 23:39
minor feature:
Update to web2ldap 1.6.1 and ldap0 1.2.8+ with performance enhancements for handling large group entries.
0.26.211 May 2021 17:33
minor bugfix:
Fixed DB compacting script.
0.26.110 May 2021 16:58
major feature:
Added SSH-CA (EKCA) for issuing temporary short-term OpenSSH user certificates.
0.25.122 Apr 2021 18:37
minor feature:
- Finally the simple web apps were migrated to Flask/WTForms/Jinja2.
- Enforced installation of more recent software releases.
- slapdcheck has a config file now where you can set formerly hard-coded parameters.
- Added HTTP security header Permissions-Policy.
- Fixed HTML markup ae-dir-pwd's change password form.
- Improved wording in e-mail templates.
0.24.1918 Mar 2021 14:12
minor feature:
Features:
- Added support to set aedir_rundir to e.g. /run/ae-dir usually mounted as tmpfs on modern Linux distros (not enabled by default, use with care)
- added support for directly validating OTP values with a COMPARE request against a token entry (used by oath-ldap-tool ykcheck)
- Change to oathTokenPIN-ACLs and userPassword-ACLs for token entries to enable bulk enrollment of Yubikey tokens 1
- slapdcheck monitoring parameters now in configuration file
Fixes
- added --graceful-timeout=2 to aedir_gunicorn_args for fixing issues with ansible restart handlers
- various fixes for installing on SLE15 SP2
Enforced installation of recent software:
- oath-ldap-tool 1.3.4+
- oath-ldap-srv 1.3.0+
- ae-dir-tool 1.0.6+
- slapdcheck 3.8.0+
- pyasn1 and pyasn1_modules
0.24.1312 Feb 2021 20:00
minor fix:
Update to web2ldap 1.5.113+.
0.24.1211 Feb 2021 20:00
minor feature:
Service group members are now allowed to read attribute aeDisplayNameGroups.
0.24.1108 Feb 2021 20:00
minor fix:
Upgrade to slapdcheck 3.7.0.
0.24.1006 Feb 2021 03:17
minor fix:
Default for system logging options now empty. Added more HTTP security headers.
0.24.918 Dec 2020 19:00
minor fix:
Fixed ACL for auxiliary service groups.
0.24.812 Dec 2020 00:00
minor feature:
Apache httpd now uses MPM event model on all platforms.
0.24.711 Dec 2020 03:16
major fix:
Fixed Apache modules directory for openSUSE Tumbleweed.
0.24.626 Nov 2020 21:00
major fix:
Enforce installation of web2ldap bug-fix release 1.5.112+.
0.24.521 Nov 2020 03:16
minor feature:
Added quick search field in web2ldap.
0.24.411 Nov 2020 18:00
minor feature:
New ansible variables to customize group member constraint filters.
0.24.306 Nov 2020 12:00
minor feature:
AppArmor ABI version 3.0 used on openSUSE Tumbleweed and Ubuntu.
0.24.204 Nov 2020 17:00
minor fix:
Fixed security headers, install web2ldap update.
0.24.103 Nov 2020 21:00
minor fix:
Fixed AppArmor on Ubuntu.
0.23.326 Oct 2020 20:00
minor fix:
Minor fixes.
0.23.220 Oct 2020 00:00
major fix:
Fixed installation on openSUSE Leap 15.2.
0.23.108 Oct 2020 01:00
minor fix:
Explicitly use ld.bfd for linking during pip installation required on CentOS 8.2+.
0.23.005 Oct 2020 16:00
major feature:
Support for running on CentOS 8.2+, dropped support for CentOS 7.x.
0.22.327 Sep 2020 00:00
minor fix:
Forced web2ldap update.
0.22.224 Sep 2020 00:00
minor feature:
New optionally defined variable to enforce installing build tools.
0.22.122 Sep 2020 08:00
minor fix:
Install web2ldap 1.5.98 with a work-around for gunicorn.
0.21.018 Sep 2020 00:00
minor feature:
Enabled sortvals for multi-valued attributes for better performance. Needs reloading of existing databases.
0.20.211 Sep 2020 21:00
minor fix:
Updated Debian/Ubuntu package name.
0.20.125 Aug 2020 18:30
minor fix:
Various small fixes.
0.20.014 Aug 2020 13:00
major feature:
OATH-LDAP updates, various small fixes.
0.19.222 Jul 2020 12:00
major fix:
Fixed password expiry warning e-mails.
0.19.121 Jul 2020 15:00
minor feature:
Improved TLS ciphers defaults
0.18.114 Jul 2020 12:00
minor feature:
Fixed logging in ae-dir-tool
0.18.008 Jul 2020 22:00
minor feature:
Improved logging configuration, stricter syscall filters, less CRON jobs
0.17.003 Jul 2020 19:00
minor feature:
Terminology change with OATH-LDAP upgrade to 1.1.0: primary keys
0.16.202 Jul 2020 10:30
minor feature:
Avoid using system libldap linked to GNUTLS on Debian.
0.16.030 Jun 2020 06:30
stable:
UI improvements.
0.15.1021 Jun 2020 15:30
stable:
Fixed some more issues with automated aeHost creation and setup admin authentication.
0.15.720 Jun 2020 18:00
stable:
aehostd UID/GID is mapped to replica's aeHost entry.
0.15.920 Jun 2020 18:00
stable:
Fixed CentOS 7/8 compability issues.
0.15.619 Jun 2020 01:00
stable:
Fixed oathenroll installation.
0.15.212 Jun 2020 18:00
stable:
Improved automation of aeHost and aeService entries.
0.14.705 Jun 2020 14:30
stable:
More CRON tuning parameters, added wrapper script for decrypting OATH token PINs.
0.14.605 Jun 2020 14:30
stable:
Renamed ansible roles to names without dashes for compability with ansible collections.
0.14.202 Jun 2020 16:00
stable:
Small schema change in schema, new ansible variable for load-balancer hostname.
0.14.129 May 2020 08:30
stable:
Small schema change in object class 'aeService'.
0.14.026 May 2020 19:00
stable:
New object class aeSSHAccount.
0.12.216 May 2020 15:09
minor feature:
Support for using password hash scheme ARGON2 available in OpenLDAP 2.4.50+.
0.12.114 May 2020 09:56
minor feature:
Pulls in many software updates besides many other small improvements and fixes.
0.12.010 May 2020 16:36
minor feature:
Pulls in many software updates besides many other small improvements and fixes.
0.11.311 Apr 2020 14:00
minor feature:
Pulls in many software updates besides many other small improvements and fixes.
0.11.411 Apr 2020 14:00
minor feature:
OATH-LDAP bind listeners are now using config files, added Feature-Policy header to Apache and web2ldap.
0.11.019 Mar 2020 20:00
minor feature:
Many small improvements and fixes, especially for monitoring/logging.
0.10.318 Feb 2020 07:00
minor fix:
Removed obsolete default vars, minor fixes.
0.10.108 Feb 2020 12:56
minor feature:
Minor hardening improvements.
0.10.003 Feb 2020 13:00
minor feature:
Small improvements for monitoring and logging, more regression fixes.
0.9.518 Dec 2019 16:00
major fixes:
Fixes for Python 3 migration regressions.
0.9.430 Nov 2019 06:05
minor feature:
added Prometheus metrics
0.9.323 Nov 2019 20:00
minor fixes:
more improvements for Python 3 support
0.9.020 Nov 2019 00:00
major feature:
Runs on Python 3.6+ now
0.8.204 Oct 2019 15:00
minor feature:
Pin all Python modules to the Python2 versions for now
0.8.128 Sep 2019 08:00
minor feature:
Mostly more/improved metrics in slapd_checkmk.py
0.8.030 Jul 2019 08:00
major feature:
moved Python process code out to separate Python module package
0.7.723 Jul 2019 08:00
minor fix:
documentation details
0.7.611 Jul 2019 18:00
major fix:
security fix: explicitly disallow write access to attribute memberOf
0.7.509 Jul 2019 16:00
minor feature:
enforce removal of group members in archived group entries
0.7.426 Jun 2019 11:00
minor feature:
updated monitor check, small modifications in various systemd units, minor doc updates
0.7.316 Jun 2019 11:00
minor feature:
added login form on web2ldap landing page, updated some docs
0.7.222 May 2019 14:00
minor feature:
small change for upcoming openSUSE Leap 15.1, some other cosmetics
0.7.117 Apr 2019 18:00
minor fix:
small change for upcoming Debian buster
0.7.016 Apr 2019 11:00
minor feature:
incompatible change of ansible vars for mdb configuration, re-factoring of AppArmor profiles, other minor improvements
0.6.621 Mar 2019 21:00
minor feature:
backup CRON job parameters, new attribute aeRequires in aeSrvGroup entries, minor AppArmor fix
0.6.511 Mar 2019 18:00
minor fix:
mostly doc fixes
0.6.416 Feb 2019 18:00
minor feature:
new tuning parameter for slapd, other minor changes
0.6.331 Jan 2019 21:00
minor feature:
Update to web2ldap 1.4.2 with new UI style, small fixes
0.6.229 Jan 2019 05:49
minor bugfix:
minor fixes
0.6.128 Jan 2019 10:03
minor feature:
web2ldap update to 1.4.0
0.6.031 Dec 2018 10:00
minor feature:
Code-cleaning, mandatory software updates
0.5.131 Dec 2018 10:00
minor fix:
Fixed non-unique schema IDs in web2ldap supplemental schema file
0.5.027 Dec 2018 10:00
minor feature:
Re-factored aedirpwd, git repo split, more minor changes
0.4.425 Nov 2018 10:00
minor fix:
Code-cleaning and small fixes
0.4.322 Nov 2018 10:00
minor feature:
Small improvements for ae-dir-hostd role, some tuning parameters for slapd
0.4.205 Nov 2018 20:00
minor feature:
Minor improvements, documentation updates
0.4.119 Oct 2018 20:00
minor fix:
Minor ACL fix
0.4.018 Oct 2018 20:00
major feature:
Major refactoring of OpenLDAP ACLs, minor other fixes and enhancements
0.3.429 Sep 2018 03:15
minor feature:
Config change in web2ldap, minor improvements and fixes
0.3.314 Aug 2018 12:00
minor feature:
More on config changes in web2ldap and aehostd
0.3.211 Aug 2018 03:18
minor feature:
Adapt to config changes in web2ldap, misc. minor changes
0.3.105 Aug 2018 12:00
minor feature:
More updates for aehostd, docs updates
0.3.023 Jul 2018 12:00
major feature:
Added new ansible role for installing custom NSS/PAM service (aehostd)
0.2.028 Jun 2018 03:15
minor feature:
Polished and improved lots of minor stuff, last version for Debian Jessie
02 Jun 2018 16:51
major feature:
initial submission
0.1.002 Jun 2018 12:00
major feature:
initial submission
|
Links Project Website Download→ Src Submitted by MichaelManageYou can also help out here by:← Update project or flagging this entry for moderator attention. Share project
|