Quickstart
Himmelblau is an open-source authentication framework that brings Microsoft Entra ID login, policy enforcement, and Hello PIN support to Linux systems. This documentation will guide you through installation, configuration, and best practices for integrating Himmelblau into your environment.
Get Started
TL;DR
Himmelblau is designed with sensible defaults to make initial setup fast and simple. If you're eager to get started without reading all the details, follow these basic steps:
(Choose the appropriate DEB or RPM for your system and install them.)
- ✏️ Edit your config:
Set the primary domain of your Entra ID tenant in /etc/himmelblau/himmelblau.conf
:
[global]
domains = example.onmicrosoft.com
On Debian based distros, pam configuration happened automatically when you installed Himmelblau.
On openSUSE or SUSE Linux Enterprise:
sudo pam-config --add --himmelblau
On all other distros, you can run the manual config utility bundled with Himmelblau:
sudo aad-tool configure-pam
Add himmelblau
to your /etc/nsswitch.conf
to resolve Entra ID users and groups.
passwd: files himmelblau
group: files himmelblau
- 🚀 Start the daemons:
sudo systemctl enable himmelblaud himmelblaud-tasks
sudo systemctl restart himmelblaud himmelblaud-tasks
You’re now ready to log in with your Entra ID credentials!