Recent content by f4242

Thanks for the details! I guess it's just another reason to not delay the DC updates :)

Hello, I upgraded my first PBS server to 3.1 today. LDAP authentication is failing with that error : The LDAP backend is Samba on Ubuntu 16.04 ESM (yeah, I know, it needs upgrade!). Samba is logging: "A TLS fatal alert has been received". I wonder if PBS 3.x now requires TLSv1.3. Is there a...

The local owner is already root@pam and I'm trying to edit as an ldap user account. Because there is no group support I could set as owner of the job, I suppose there is no way to give access to more than one user w/o giving the datastore modify privileges?

Hello, I pasted the ACL in my previous post. It seem similar to what you tested. The only difference I see is I don't set permission for a specific remote or datastore url but I set the permission on /datastore and /remote with the propagate flag. Here a screenshot: When trying to edit (same...

How I do what? :)

Hello, I'm trying to find a way to automate the backup monitoring with Zabbix. I added a backup script hook in PVE so every time a VM is backed up, the zabbix server is notified. This allow me to configure a trigger based on last backup date so there is an alert if a VM is not backed up for...

Hello, So should I understand there is actually no way to allow to launch or edit a sync job without giving access to deleting backup in the datastore?

Hum, I tried to add DatastoreBackup but I still get permission denied when trying to manually launch a sync job. {% for utilisateur in proxmoxbs_utilisateurs_ldap %} acl:1:/:{{ utilisateur.id }}@ldap:Audit acl:1:/system:{{ utilisateur.id }}@ldap:Admin acl:1:/datastore:{{ utilisateur.id...

Hello, I'm trying to setup minimal required permission to our everyday account. I would like to be able to launch or edit a sync job, but not allow deleting data from the data store. Seem like this is not possible ? I tried to give theses permissions : acl:1:/:myuser@ldap:Audit...

Good news,thank you!

Hello, openid: sso client-id proxmox-backup-server client-key **** comment issuer-url https://auth.****.** client-key is 32 random alpha-num characters.

Hello, Yes the realm is displayed with the openid list command, but I can't create user. root@pbs:~# proxmox-backup-manager openid list ┌───────┬─────────────────────┬─────────┐ │ realm │ issuer-url │ comment │ ╞═══════╪═════════════════════╪═════════╡ │ sso │ https://auth.****** │...

Hello, I'm trying to configure openid SSO. I created the realm and disabled auto creation of users. How I'm supposed to create the users? In PVE, when I create a user, I can select the realm in the form but in PBS this field is missing from the GUI. Also, when trying in CLI, I get an error...

I found how to disable it after the first boot. I added this at the end of cloud.cfg: runcmd: - touch /etc/cloud/cloud-init.disabled About the user creation, I commented a bunch of module in cloud.cfg so it stopped to create them!

In fact, I wonder if there is a way to run the cloudinit configuration only at first boot. I found that when I do any change in the cloudinit panel, it seem to restart the configuration (create new ssh host keys, install updates, etc). This is something I would like to do only once at...