1.
Introduction to Kanidm
2.
Evaluation Quickstart
3.
Supported Features
4.
Project Support
5.
Installing the Server
5.1.
Choosing a Domain Name
5.2.
Preparing for your Deployment
5.3.
Server Configuration
5.4.
Security Hardening
5.5.
Server Updates
6.
Client Tools
6.1.
Installing Client Tools
7.
Administration
7.1.
Backup and Restore
7.2.
Database Maintenance
7.3.
Domain Rename
7.4.
Monitoring the platform
7.5.
Recycle Bin
7.6.
Customising
8.
Accounts and Groups
8.1.
People Accounts
8.2.
Authentication and Credentials
8.3.
Groups
8.4.
Service Accounts
8.5.
Anonymous Account
8.6.
Account Policy
8.7.
POSIX Accounts and Groups
9.
Access Control
10.
Service Integrations
10.1.
LDAP
10.2.
OAuth2
10.2.1.
How does OAuth2 work?
10.2.2.
Custom Claims
10.2.3.
Example Configurations
10.3.
PAM and nsswitch
10.3.1.
SUSE / OpenSUSE
10.3.2.
Fedora
10.3.3.
Troubleshooting
10.4.
RADIUS
10.5.
SSSD
10.6.
SSH Key Distribution
11.
Service Integration Examples
11.1.
Kubernetes Ingress
11.2.
Traefik
12.
Replication
12.1.
Planning
12.2.
Deployment
12.3.
Administration
13.
Synchronisation
13.1.
FreeIPA
13.2.
LDAP
Support
14.
Troubleshooting
15.
Frequently Asked Questions
16.
Glossary
For Developers
17.
Developer Guide
18.
Developer Ethics
19.
Frequently Asked Questions
20.
Design Documents
20.1.
Access Profiles 2022
20.2.
Access Profiles Original
20.3.
Access Control Defaults
20.4.
Architecture
20.5.
Authentication flow
20.6.
Cryptography Key Domains (2024)
20.7.
Domain Join - Machine Accounts
20.8.
Elevated Priv Mode
20.9.
OAuth2 Device Flow
20.10.
OAuth2 Refresh Tokens
20.11.
Replication Coordinator
20.12.
Replication Design and Notes
20.13.
REST Interface
20.14.
Unixd Multi Resolver 2024
21.
Python Module
22.
RADIUS Module Development
23.
Release Checklist
24.
Packaging
24.1.
Debian/Ubuntu Packaging
24.2.
PPA Packages
24.3.
Community Packages
Auto
Light
Rust
Coal
Navy
Ayu
Kanidm Administration
Installing the Server
This chapter will describe how to plan, configure, deploy and update your Kanidm instances.