I have tried every combination of permission path in a group permission and role (built in PVEUserAdmin and custom role). My desire is to have multiple "Applications", service, or product hosted on the same Proxmox cluster/datacenter and have an Application Admin role that will allow them to reset password, create and add users to the group that they are assigned.
If I assign the PVEUserAdmin role to /access/realm I can only see only the current user.
If I assign the PVEUserAdmin role /access or a combination to include /access/groups I see all users.
Is there anyway to restrict that "Application" admin only have control over the related user accounts and/or default new users be automatically added to that group?
If I assign the PVEUserAdmin role to /access/realm I can only see only the current user.
If I assign the PVEUserAdmin role /access or a combination to include /access/groups I see all users.
Is there anyway to restrict that "Application" admin only have control over the related user accounts and/or default new users be automatically added to that group?
Last edited: