AD group to Proxmox group mapping when using OpenID Connect (OIDC)

D

Dodinas Greenhand

New Member
Dec 3, 2021
1
0
1
34
I am using OpenID Connect to use AD accounts to access to my Proxmox installation. I configured it using this tutorial. Works well :)

At the moment, users login with their AD accounts and then I manually assign them membership to groups in Proxmox.

I would like to use AD groups to grant accounts membership to Proxmox groups.
Is this possible? If so, how should I go about configuring it?
 
Dodinas Greenhand said:
Is this possible? If so, how should I go about configuring it?
Click to expand...
no thats currently not possible. you could create some script that queries your ad and assigns groups/etc via cli/api

if you use an 'ad' or 'ldap' realm directly (no openid), there is the possibilty of a sync that pve can do, but it only syncs users and groups, no acls or similar
 
  • Like
Reactions: Dodinas Greenhand
Would it be possible to have such an option ?

I can be as simple as having a group (or a permission) assigned to all users of a realm. Right now there is no way to have automatic rights on users except with automatic sync with ldap - and that can be hard to manage with lot of proxmox/users :)

Bests,
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back