[TUTORIAL] How can I enable TFA for a user via script?

Thread starter eMarcus
Start date Yesterday at 15:28

eMarcus

New Member

Yesterday at 15:28

Hi,
Because we often add whole LDAP groups to our Proxmox cluster and we enforce TFA for LDAP realms, I tried to script the TFA enablement for all users of a group.

I can create a new key using oathkeygen
I can add that key to a user with pveum user modify <user@realm> --keys <key>
I can even create a QRCode with qrencode and send it to the user with mail
But the user does not show up in the GUI "Two Factor" menu list and he can't login.

I guess there is another step missing (pveum user tfa unlock) does not work (no such user).

any ideas what the missing link could be?

Thanks and a nice weekend,
Marcus.

You must log in or register to reply here.

Bluesky LinkedIn Reddit Email Link

Top Bottom

Back

We value your privacy

We use essential cookies to make this site work, and optional cookies to enhance your experience.

See further information and configure your preferences

Accept all cookies Reject optional cookies
Essential cookies

These cookies are required to enable core functionality such as security, network management, and accessibility. You may not reject these.

Optional cookies

We deliver enhanced functionality for your browsing experience by setting these cookies. If you reject them, enhanced functionality will be unavailable.

Third-party cookies

Cookies set by third parties may be required to power functionality in conjunction with our captcha service provider for security and anti-spam purposes.

Detailed cookie usage

Privacy policy

Search

Search

[TUTORIAL] How can I enable TFA for a user via script?

eMarcus

New Member

We value your privacy