OpenID Connect not working in PVE-7.2-1

[envoquesolutions]

Hi There,

I am facing challenges while implementing OpenID Connect with Azure AD.
Authentication is working after manually changing '/usr/share/perl5/PVE/API2/OpenId.pm' from 1024 to 32768.
But after successful authentication receives an error as below:
'OpenID login failed, please try again, authentication failure (401)'


Downgrading 'libpve-rs-perl' to version 0.5.0 will not work because it asks to remove other 18 packages.


Here below is the ourpur of 'pveversion -v'

root@espl:~# pveversion -v
proxmox-ve: 7.2-1 (running kernel: 5.15.39-2-pve)
pve-manager: 7.2-7 (running version: 7.2-7/d0dd0e85)
pve-kernel-5.15: 7.2-7
pve-kernel-helper: 7.2-7
pve-kernel-5.15.39-2-pve: 5.15.39-2
pve-kernel-5.15.30-2-pve: 5.15.30-3
ceph-fuse: 15.2.16-pve1
corosync: 3.1.5-pve2
criu: 3.15-1+pve-1
glusterfs-client: 9.2-1
ifupdown2: 3.1.0-1+pmx3
ksm-control-daemon: 1.4-1
libjs-extjs: 7.0.0-1
libknet1: 1.24-pve1
libproxmox-acme-perl: 1.4.2
libproxmox-backup-qemu0: 1.3.1-1
libpve-access-control: 7.2-4
libpve-apiclient-perl: 3.2-1
libpve-common-perl: 7.2-2
libpve-guest-common-perl: 4.1-2
libpve-http-server-perl: 4.1-3
libpve-storage-perl: 7.2-7
libspice-server1: 0.14.3-2.1
lvm2: 2.03.11-2.1
lxc-pve: 5.0.0-3
lxcfs: 4.0.12-pve1
novnc-pve: 1.3.0-3
proxmox-backup-client: 2.2.5-1
proxmox-backup-file-restore: 2.2.5-1
proxmox-mini-journalreader: 1.3-1
proxmox-widget-toolkit: 3.5.1
pve-cluster: 7.2-2
pve-container: 4.2-2
pve-docs: 7.2-2
pve-edk2-firmware: 3.20210831-2
pve-firewall: 4.2-5
pve-firmware: 3.5-1
pve-ha-manager: 3.4.0
pve-i18n: 2.7-2
pve-qemu-kvm: 6.2.0-11
pve-xtermjs: 4.16.0-1
qemu-server: 7.2-3
smartmontools: 7.2-pve3
spiceterm: 3.2-2
swtpm: 0.7.1~bpo11+1
vncterm: 1.7-1
zfsutils-linux: 2.1.5-pve1

Please guide me to have successful authentication with OpenID Connect using AAD in PVE_7.2-1.

Regards,
Kathan Tripathi

 

[LnxBil]

Normally with all external authentication, you will need detailed server logs and client logs. Without that, it is almost impossible to help you without knowning what step failed.

 

[envoquesolutions]

Ok, I can provide you both.
Please let me how to extract it!

 

[LnxBil]

Please let me how to extract it!

The Azure AD part I don't know and I hoped you know.

 

[envoquesolutions]

Please guide me for Proxmox VE 6.2-1

 

[Glowsome]

Please guide me for Proxmox VE 6.2-1

Wait, what ... first you are asking about 7.2, and now you are asking about 6.2 ?
- you have not yet given any details regarding your first setup ( except the mention you changed something in the '/usr/share/perl5/PVE/API2/OpenId.pm' - file without letting us in on what exactly you have changed.
- you have not provided ANY logs from either client, nor IDP-side.

And then all out of the blue you start a new question in the same thread to guide you for v6.2 ?