Active Directory

I

italian01

Member
Feb 23, 2012
57
0
6
Italy
Hello to all readers.

I neet to manage ProXmoX security enviroment by AD using Web Interface. Is it possible at present? If so, is there any manual or howto guide about?

Regards.
 
Thank you,

but I already read this manual. I found it not ...so clear. For instance, I already added AD authentication by ProXmoX Web Interface on HOME\Datacenter\Authentication tab. So, and after this? What do I have to do, in example, to assign root-rights to an AD user?

Regards.
 
you cannot assign system root-rights to an AD user - you can assign admin privileges to the Proxmox VE system.

the ADS connection is use to verify passwords only.

example:
- I have an ADS account 'tom' on ads.domain.com
- First, I configure ADS authentication for ads.domain.com
- Create a group on Proxmox VE, lets call it "ads-admin"
- add the needed permissions to this group, as path just enter /
- Create a user, call it tom and select ads.domain.com as realm, and make it member in the group "ads-admin"

so now you can login with tom and as he is member of ads-admin you will have the selected permissions.
 
tom said:
- Create a user, call it tom and select ads.domain.com as realm, and make it member in the group "ads-admin"
Click to expand...


On this step, my ProXmoX "Add: User" pop-up gives me a drop-down list for "Realm" filed. It constrains me to select only its values, and these are:

- Linux PAM standard authentication
- Proxmox VE authentication server

So, I cannot write my domain there. Where do I make mistake?

Regar
 
italian01 said:
On this step, my ProXmoX "Add: User" pop-up gives me a drop-down list for "Realm" filed. It constrains me to select only its values, and these are:

- Linux PAM standard authentication
- Proxmox VE authentication server

So, I cannot write my domain there. Where do I make mistake?

Regar
Click to expand...

you need to configure the ADS authentication first, as I wrote. then you should have it here on the list as additional option.

also make sure you run the latest packages (run aptitude update && aptitude full-upgrade)
 
tom said:
you need to configure the ADS authentication first, as I wrote.
Click to expand...

Yes, Tom, you're right.

And I already done it. So, after I read your last post, I rechecked my configuration, and I noticed that "realm" drop-box fill its list by "comment" field of Authentication Realms, and not by "Realm" field (as I thought). So, given that I didn't fill "comment" field, this is the cause I didn't see it in the drop-box list.

Another brief question: when I add a new AD user in ProXmox, can be it an AD group? And if so, can any AD user of this AD group authenticate itself on ProXmoX?

Regards.
 
italian01 said:
Yes, Tom, you're right.

And I already done it. So, after I read your last post, I rechecked my configuration, and I noticed that "realm" drop-box fill its list by "comment" field of Authentication Realms, and not by "Realm" field (as I thought). So, given that I didn't fill "comment" field, this is the cause I didn't see it in the drop-box list....
Click to expand...

this is an old, already fixed bug. https://bugzilla.proxmox.com/show_bug.cgi?id=125
look like it did not hit the public repo yet (we work on that).
 
no, you can use only AD user, no AD groups.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back