2019-12-03 07:03:05 +01:00
# Interacting with the Server
2021-04-06 02:08:36 +02:00
To interact with Kanidm as an administrator, you'll need to use our command line tools.
2019-12-03 07:03:05 +01:00
## From (experimental) packages
2020-01-27 13:30:09 +01:00
Kanidm currently supports:
2021-04-06 02:08:36 +02:00
2020-12-02 02:12:07 +01:00
* Fedora 33
2021-04-06 02:08:36 +02:00
* OpenSUSE Leap 15.2
* OpenSUSE Tumbleweed
2019-12-03 07:03:05 +01:00
2021-04-06 02:08:36 +02:00
### Fedora
2020-10-14 05:05:45 +02:00
2021-04-06 02:08:36 +02:00
Fedora is still experimentally supported through the development repository. You need to add the repository metadata into the correct directory.
cd /etc/yum.repos.d
wget https://download.opensuse.org/repositories/home:/firstyear:/kanidm/Fedora_33/home:firstyear:kanidm.repo
You can then install with:
dnf install kanidm-clients
2020-10-14 05:05:45 +02:00
### OpenSUSE Leap 15.2
Leap 15.2 is still not fully supported with Kanidm. For an experimental client, you can
try the development repository. Using zypper you can add the repository with:
2019-12-03 07:03:05 +01:00
zypper ar obs://home:firstyear:kanidm home_firstyear_kanidm
2020-06-18 02:30:42 +02:00
zypper mr -f home_firstyear_kanidm
2019-12-03 07:03:05 +01:00
2021-04-06 02:08:36 +02:00
Then you need to refresh your metadata and install the clients.
2019-12-03 07:03:05 +01:00
zypper ref
zypper in kanidm-clients
2021-04-06 02:08:36 +02:00
### OpenSUSE Tumbleweed
2019-12-03 07:03:05 +01:00
2021-04-06 02:08:36 +02:00
Kanidm is part of OpenSUSE Tumbleweed since October 2020. This means you can install
the clients with:
2020-10-14 05:05:45 +02:00
2021-04-06 02:08:36 +02:00
zypper ref
zypper in kanidm-clients
2020-10-14 05:05:45 +02:00
2019-12-03 07:03:05 +01:00
## From source
2021-04-06 02:08:36 +02:00
After you check out the source (see [GitHub ](https://github.com/kanidm/kanidm )), navigate to:
2019-12-03 07:03:05 +01:00
cd kanidm_tools
2020-06-18 02:30:42 +02:00
cargo install --path .
2019-12-03 07:03:05 +01:00
2021-04-06 02:08:36 +02:00
## Checking that the tools work
2019-12-03 07:03:05 +01:00
Now you can check your instance is working. You may need to provide a CA certificate for verification
with the -C parameter:
2020-09-18 05:19:57 +02:00
kanidm login --name anonymous
2019-12-03 07:03:05 +01:00
kanidm self whoami -C ../path/to/ca.pem -H https://localhost:8443 --name anonymous
kanidm self whoami -H https://localhost:8443 --name anonymous
2021-04-06 02:08:36 +02:00
Now you can take some time to look at what commands are available - please [ask for help at any time ](https://github.com/kanidm/kanidm#getting-in-contact--questions ).
2019-12-03 07:03:05 +01:00
2021-05-26 08:11:00 +02:00
## Kandim configuration
You can configure kanidm to help make commands simpler by modifying ~/.config/kanidm OR /etc/kanidm/config
uri = "https://idm.example.com"
verify_ca = true|false
verify_hostnames = true|false
ca_path = "/path/to/ca.pem"
Once configured, you can test this with:
kanidm self whoami --name anonymous
## Session Management
2020-09-18 05:19:57 +02:00
To authenticate as a user for use with the command line, you need to use the `login` command
to establish a session token.
kanidm login --name USERNAME
kanidm login --name admin
Once complete, you can use kanidm without reauthenticating for a period of time for administration.
2021-05-26 08:11:00 +02:00
You can list active sessions with:
2019-12-03 07:03:05 +01:00
2021-05-26 08:11:00 +02:00
kanidm session list
2019-12-03 07:03:05 +01:00
2021-05-26 08:11:00 +02:00
Sessions will expire after a period of time (by default 1 hour). To remove these expired sessions
locally you can use:
2019-12-03 07:03:05 +01:00
2021-05-26 08:11:00 +02:00
kanidm session cleanup
2019-12-03 07:03:05 +01:00
2021-05-26 08:11:00 +02:00
To logout of a session:
kanidm logout --name USERNAME
kanidm logout --name admin
2020-09-18 05:19:57 +02:00
