Create Users

User creation varies depending on the authentication source in use. Local users will need to be configured within the admin interface, LDAP users will need to be configured within the LDAP source and in the admin interface and SAML users are required to be configured within the IdP.

For local and LDAP user creation within the admin interface;

Click on Users on the left, or create a Knoc and do it within the workflow

2FA and TOTP

Users can have 2FA turned on for them, or off as required. In addition the administrator can reset the TOTP token, and then the user will simply need to re-enrol for 2FA at next login.

LDAP users

Enter the Distinguished Name (DN) for the user.

Use Cases (overview)

SSH

FortiOS, FortiProxy, Palo Alto, or SSL VPN

VPN and Ransomware

High security subnets and JIT network access

Financial services data partner, secure web upload

Web applications (layer-7 filtering)

Remote Desktop, simple small business example

Firewall Manager access (IT MSP)

Ivanti Connect Secure

Video

VOIP

AWS Infrastructure

Azure Portal

Licensing Knocknoc

Server Installation

Agent Installation

Knocker - a cli utility for agents

Create Users

Create Groups

Admins

Settings

Updates and Upgrades

Local Authentication (MFA included)

SAML

SAML Principles and Terms

SAML with EntraID (Azure AD)

SAML with OKTA

SAML with Gsuite as IDP

SAML with Jumpcloud

SAML for the Admin Interface

SAML with Keycloak

SAML with CyberArk

SAML with Authentik

Knocknoc with ADFS

LDAP

IPSet (Linux Netfilter/IPTables)

Fortigate Address Groups (Fortinet)

Palo Alto

Juniper SRX

Allowlist (EDLs)

Microsoft Entra

HAProxy

IPsets with UFW

IPsets with Shorewall

Custom Script

AWS (EC2) Security Groups

AWS WAF Ipset

Mikrotik RouterOS

Nginx

Apache Webserver

Click to Grant/Revoke

Additional client IP addresses

Time for NTP

LDAP Troubleshooting tips

Knocknoc server behind HAProxy

HAProxy tips and tricks

LOOTOTL - Last One Out Turn Off The Lights

Create Users

2FA and TOTP

LDAP users