Recent content by sterzy

Hallo, ja der Key muss "re-issued" werden, ist im Shop erklärt [1]. [1]: https://shop.proxmox.com/index.php?rp=/knowledgebase/6/Server-change---How-can-I-move-my-current-subscription-key-to-the-new-server.html

Fingerprints just identify the TLS certificate and probably aren't you problem here. The error message indicates that there is already a token by this name already exists on the remote. Either choose a different name for the token when adding the remote or log into the remote and remove the...

Yes there is already an open bug to track implementing groups for PDM [1]. The context there is LDAP/AD realms, but of course OpenID realms would be part of that too once we implement it. [1]: https://bugzilla.proxmox.com/show_bug.cgi?id=6883

I think you are misunderstanding something here. The remote configurations are not per user. You probably just haven't given your new user any permissions, so it does not see existing remotes. Simply configure appropriate permissions for the OpenID user in the Access Control menu.

Just so you are aware, BTRFS also suffers from write amplification [1]. If this is something you are very worried about, bitrot protections, such as checksums, will always incur extra overhead. Thus, you will always suffer from some degree of write amplification. However, BTRFS generally comes...

Yes, all remotes are only connected to via HTTPS. This depends on your setup. If everything is local in your network, a VPN may not be necessary. If you split your infrastructure across several networks, and it is not possible for PDM to connect to all remotes, then yes using a VPN or similar...

Maybe you misunderstood? This is not a general requirement. PDM uses the REST API of all remotes, so no SSH is involved. HTTP connections are secured via HTTPS/TLS. HTTPS certificates are verified by PDM either by fingerprint that will be saved when configuring a remote or via the trusted...

Hi this is a bug and has already been fixed and applied on latest git [1]. The next release should hopefully include this fix, thanks for reporting it anyway, though! [1]: https://git.proxmox.com/?p=ui/proxmox-yew-comp.git;a=commit;h=808a5c0c6a8a4c7ec5a285c9d585425e98d84f6b

Hm, by default firewall should be disabled. Can you run a small port scan of the Proxmox VE host to see what that results in? Should be doable with nmap -Pn <IP OF PVE HOST> from the host you are trying to connect from.

Are you sure there is no firewall in between you and the Proxmox VE host that blocks access to port 8006 from your VPN subnet? If you enabled the host firewall for your Proxmox VE host, you should also make sure that it accepts your connection on port 8006.

You currently can't use groups yet. This is a mistake in the documentation. However, there is already an open request for this feature [1]. Ah, yeah that should be cleaned up, sorry for that. [1]: https://bugzilla.proxmox.com/show_bug.cgi?id=6883

Alright, that means for the settings you are providing your AD realm expects some kind of authentication: Can you tell me the differences between your PVE and PDM AD realm exactly? Yes, currently a bind-dn is only supported in combination with a bind password. Are you using a bind-dn in...

Are you triggering that error by editing the realm through the UI? Please don't edit the realm through the UI. Instead, add the realm as intended to the file /etc/proxmox-datacenter-manager/access/domains.cfg. Then use the “Sync” Button in the UI under Configuration > Access Control > Realms. A...

Yes, due to naming conventions base_dn is used in our Rust code base, but the configuration expects base-dn. I understand this is confusing, though. In the configuration you should use base-dn. Yes, every time you try to update something, PDM will try to use the new configuration to query the...

The PDM (and PBS) implementations of our AD realm support try to guess the base-dn parameter from the default naming context that your AD realm uses. If this doesn't match the actual base-dn you want to use this won't work. For now, you should be able to add the realm manually by adding the...