PrivacyIDEA as 2FA for Samba4 AD users - Ubuntu Desktop


I configured Samba4 AD domain and it has users of course. It’s being in use in Ubuntu 20.04 computers. I’m interested to add TOTP to login to the operating system. Not just adding them 2FA but also to be able to manage that (reset 2fa for example) Since PrivacyIDEA supports PAM, I believe it’s possible.

Has someone did this before?

How to start? I have PrivacyIDEA and FreeRADIUS installed (but not configured) already