FreeIPA - Identity and Access Management for Linux

  •        1218

FreeIPA is an integrated Identity and Authentication solution for Linux/UNIX networked environments. A FreeIPA server provides centralized authentication, authorization and account information by storing data about user, groups, hosts and other objects necessary to manage the security aspects of a network of computers.

https://www.freeipa.org/
https://copr.fedoraproject.org/coprs/mkosek/freeipa/

Tags
Implementation
License
Platform

   




Related Projects

Fortress - Identity and Access Management


Fortress the open source identity and access management built on OpenLDAP. Fortress is designed to address complex authentication, authorization and auditing needs simply and easily. It helps to ensure strict adherence to current security standards while allowing for ease of installation and ongoing maintenance. It also offers JoshuaTree commercial grade IAM solutions with open source technologies that reduce cost and are simple to use.

Gluu Server - Identity and Access Management (IAM) platform


Gluu's open source authentication & API access management software for securing Web & mobile applications using open standards like SAML & OpenID Connect. Its features include Single Sign-On, Access Management, OAuth, Multi-Factor Authentication, LDAP Directory Integration, User Management and lot more.

Mandriva - Identity and Network Management


Mandriva Directory Server is an enterprise directory platform based on LDAP designed to manage identities, access control informations, policies, application settings and user profiles. If you already use Samba, Postfix, Squid or CUPS, you can benefit from MDS today to manage your infrastructure.

SSSD - System Security Services Daemon


SSSD is a system daemon. Its primary function is to provide access to identity and authentication remote resource through a common framework that can provide caching and offline support to the system. It provides PAM and NSS modules, and in the future will D-BUS based interfaces for extended user information. It provides also a better database to store local users as well as extended user data.

hydra - OAuth2 server with OpenID Connect - cloud native, security-first, open source API security for your infrastructure


ORY Hydra is a hardened OAuth2 and OpenID Connect server optimized for low-latency, high throughput, and low resource consumption. ORY Hydra is not an identity provider (user sign up, user log in, password reset flow), but connects to your existing identity provider through a consent app. Implementing the consent app in a different language is easy, and exemplary consent apps (Go, Node) and SDKs (Go, Node) are provided.Besides mitigating various attack vectors, such as database compromisation and OAuth 2.0 weaknesses, ORY Hydra is able to securely manage JSON Web Keys, and has a sophisticated policy-based access control you can use if you want to. Click here to read more about security.



AMX Identity Management - An HR driven Identity and Access Management solution


Amx is an HR driven Identity and Access Management solution which can extract the identities from authoritative sources to find the joiners, movers and leavers, and transform them to a suitable format such that they can be used to load accounts into target resources such as the Active Directory, Exchange, LDAP, databases, Unix Systems, the Cloud etc. In its simplest form identity management is not an IT function and access management, which is, is a synchronisation process.

Syncope - Open Source Identity Management


Apache Syncope is an Open Source system for managing digital identities in enterprise environments. Identity management (or IdM) means to manage user data on systems and applications, using the combination of business processes and IT. IdM involves considering user attributes, roles, resources and entitlements. It provides access control on Who has access to What, When, How, and Why?

OpenAM - Authentication, Authorization and SSO


OpenAM provides open source Authentication, Authorization, Entitlement and Federation software. OpenAM provides core identity services to simplify the implementation of transparent single sign-on (SSO) as a security component in a network infrastructure. OpenAM provides the foundation for integrating diverse web applications that might typically operate against a disparate set of identity repositories and are hosted on a variety of platforms such as web and application servers.

Harbor - An enterprise-class container registry server based on Docker Distribution


Project Harbor is an enterprise-class registry server that stores and distributes Docker images. It extends the open source Docker Distribution by adding the functionalities usually required by an enterprise, such as security, identity and management. As an enterprise private registry, Harbor offers better performance and security.

dex - OpenID Connect Identity (OIDC) and OAuth 2.0 Provider with Pluggable Connectors


Dex is an identity service that uses OpenID Connect to drive authentication for other apps.Dex is NOT a user-management system, but acts as a portal to other identity providers through "connectors." This lets dex defer authentication to LDAP servers, SAML providers, or established identity providers like GitHub, Google, and Active Directory. Clients write their authentication logic once to talk to dex, then dex handles the protocols for a given backend.

midPoint - Identity Provisioning system


midPoint is an Identity Provisioning system. It is a comprehensive tool that synchronizes several identity repositories and databases, manages them and makes them available in a unified form. It belongs to the Identity Provisioning category of the Enterprise Identity Management field, however midPoint itself is not limited to the enterprise. It can work equally well also for cloud services, Internet portals, telcos and service providers and so on.

omniauth-identity - A simple login and password strategy for OmniAuth.


The OmniAuth Identity gem provides a way for applications to utilize a traditional login/password based authentication system without the need to give up the simple authentication flow provided by OmniAuth. Identity is designed on purpose to be as featureless as possible: it provides the basic construct for user management and then gets out of the way.Next, you need to create a model (called Identity by default) that will be able to persist the information provided by the user. Luckily for you, there are pre-built models for popular ORMs that make this dead simple.

freeipa - The Identity, Policy and Audit system


The Identity, Policy and Audit system

auth - Istio authentication components


The diagram below shows Istio Auth's architecture, which includes three primary components: identity, key management, and communication security. This diagram describes how Istio Auth is used to secure the service-to-service communication between service 'frontend' running as the service account 'frontend-team' and service 'backend' running as the service account 'backend-team'. Istio supports services running on both Kubernetes containers and VM/bare-metal machines.As illustrated in the diagram, Istio Auth leverages secret volume mount to deliver keys/certs from Istio CA to Kubernetes containers. For services running on VM/bare-metal machines, we introduce a node agent, which is a process running on each VM/bare-metal machine. It generates the private key and CSR (certificate signing request) locally, sends CSR to Istio CA for signing, and delivers the generated certificate together with the private key to Envoy.

stratus - the AWS Identity and Access Management (IAM) client library for Ruby


the AWS Identity and Access Management (IAM) client library for Ruby

aws_iam - Module for interfacing with Amazon's Identity and Access Management API


Module for interfacing with Amazon's Identity and Access Management API

IdentityDisc - An authentication / authorization proof of concept using Windows Identity Foundation


An authentication / authorization proof of concept using Windows Identity Foundation

identity - Login and OAuth management service for Heroku


Based on the concept of web-based Heroku user management not belonging in the API over the long-term, Identity pulls session-based authentication out of API and provides a drop-in replacement for the Heroku OAuth API that OAuth clients can use instead.

Modular Access Control System


A modular, flexible and extensible Identity and Access Management system for integrated login, access and profile management across disparate security domains. Supports Apache, PAM, Webcrossing, XMLRPC and SOAP from C, Perl, and Java with more to come.

OpenLDAP ILM/FIM Management Agent


The OpenLDAP Extensible Management Agent (XMA) for Microsoft Identity Lifecycle Manager 2007 and Forefront Identity Manager 2010 will enable efficient two-way synchronization of identity information with the OpenLDAP directory.