AD group to Proxmox group mapping when using OpenID Connect (OIDC)

D

Dodinas Greenhand

New Member
Dec 3, 2021
1
0
1
36
I am using OpenID Connect to use AD accounts to access to my Proxmox installation. I configured it using this tutorial. Works well :)

At the moment, users login with their AD accounts and then I manually assign them membership to groups in Proxmox.

I would like to use AD groups to grant accounts membership to Proxmox groups.
Is this possible? If so, how should I go about configuring it?
 
Dodinas Greenhand said:
Is this possible? If so, how should I go about configuring it?
Click to expand...
no thats currently not possible. you could create some script that queries your ad and assigns groups/etc via cli/api

if you use an 'ad' or 'ldap' realm directly (no openid), there is the possibilty of a sync that pve can do, but it only syncs users and groups, no acls or similar
 
  • Like
Reactions: Dodinas Greenhand
Would it be possible to have such an option ?

I can be as simple as having a group (or a permission) assigned to all users of a realm. Right now there is no way to have automatic rights on users except with automatic sync with ldap - and that can be hard to manage with lot of proxmox/users :)

Bests,
 
You must log in or register to reply here.
Top Bottom
Back