Hi,
We run quite a lot of clusters on which we configure a AD-Realm that users our AD-setup to authenticate our personnel. We also use 2FA (OTP) for our realm. I add users with
This works for the 'old school' 2FA, but the 'new' setup uses 'x!oauth' for --keys and sets keys in /etc/pve/priv/tfa.cfg.
Is there a way to configure that automagically using the cli, without requiring the actual password and challenge/response is the API?
We run quite a lot of clusters on which we configure a AD-Realm that users our AD-setup to authenticate our personnel. We also use 2FA (OTP) for our realm. I add users with
Code:
command: pvesh create /access/users --userid "{{ item.userid }}"@TuxisIE --groups Administrators --firstname "{{ item.firstname }}" --lastname "{{ item.lastname }}" --keys "{{ item.fakeys }}"This works for the 'old school' 2FA, but the 'new' setup uses 'x!oauth' for --keys and sets keys in /etc/pve/priv/tfa.cfg.
Is there a way to configure that automagically using the cli, without requiring the actual password and challenge/response is the API?