Page Index - himmelblau-idm/himmelblau GitHub Wiki

39 page(s) in this GitHub Wiki:

Home
Supported Linux Distributions
Installing Himmelblau
Fedora and Rocky Linux:
openSUSE/SUSE Linux Enterprise:
Debian/Ubuntu:
Configuring Himmelblau
Note: Leaving the pam_allow_groups option unset in the /etc/himmelblau/himmelblau.conf file permits all users to authenticate.
Note: On Ubuntu, you should additionally set use_etc_skel to true and configure home_attr and home_alias to match (I recommend using the CN attribute). These parameters are necessary, otherwise Ubuntu's snaps will fail to execute. These settings are set by default using the Himmelblau project Debian/Ubuntu packages.
Run the daemon
Disable nscd
Setup NSS
Setup PAM
Note: If you intend to use Hello or Passwordless authentication, it's recommended that pam_himmelblau.so be placed before pam_unix.so in the pam auth stack (but always after pam_localuser.so), otherwise pam_unix will unnecessarily prompt for a password.
Enrolling the Device and Hello PIN
Capturing authentication traffic using cirrus‐scope
Please reload this page
Cloud Kerberos Trust for Linux
Please reload this page
Configuring Unix Attribute Synchronization with Azure Entra ID Using Microsoft Entra Connect Sync
Please reload this page
Creating an Entra ID Application for Himmelblau GroupMember.Read.All Permissions
Please reload this page
Enabling the Himmelblau QR Greeter gnome‐shell Extension
Please reload this page
MS specs which Himmelblau uses
Please reload this page
OpenSSH Bug 2876 ‐ Unable to use MFA over SSH ‐ Workaround
Please reload this page
Removing all Hello PINs & cached PRTs on a Himmelblau host
Please reload this page
Syncing Active Directory with Azure Entra ID
Please reload this page
Testing Himmelblau Developer Builds with Packet Capture
Please reload this page
Troubleshooting: The user '...' already exists and fake users listed in NSS
Please reload this page
Write Permissions for the logon_script Parameter in Himmelblau
Please reload this page