user management and security best practices

C

croeper

New Member
Nov 17, 2009
14
0
1
Aachen
www.berke.biz
Hi everyone,

after evaluating the big four (Xen, Proxmox, VMware and Hyper-V), the decision is (more or less, partner discussion still to go) towards Proxmox.
So I just wanted to know if someone here has some experience how to do user management and security in Proxmox version 1.4; I read about the roadmap and user management in upcoming version 2.0, but I would like to have some simple user management now, so not everybody needs to connect as root to start/stop VMs.
I found some thread in the forum, but somehow it is not working for me. I created the user, add it to group root, but when trying to login I get the "...could not be logged on. Make sure user name and password..." error.
Someone here said they made a "Separate GUI for each user" solution, but it looks like to be way of the standard track; and a report without a link to proof is just words, no deeds; so doesn't help.
With this KVM tip setting up the proper group in linux would fulfill my needs, just need to be able to login.
The forum tip ("how to login to proxmox with a different user than root") would be fine as well, but I don't get a proper login with anything but root. I looked into the
/usr/share/pve-manager/root/login.pl
Click to expand...
script, but to be honest my Perl (write once, read never ;-) is pretty bad, so no clue here.
Does someone have any insight or best practice? How do you manage different users?
Best regards

christoph
 
croeper said:
Hi everyone,

after evaluating the big four (Xen, Proxmox, VMware and Hyper-V)
Click to expand...

cool, we are one of the big 4! and even better, you want choose Proxmox VE.

good decision.

user management is really needed and it has top priority here. we just need to put more resources in the development here, if you can help here it can speed up a bit.
 
we just need to put more resources in the development here, if you can help here it can speed up a bit.
Click to expand...
Well, not only regarding to my experience with development and software projects, but also as Mr. Brooks said in his "Mythical Man-Month" adding person-power late to a software project makes it even later...

However what kind of help do you think of that would really help and does make sense? When knowing that I can check if it matches my skills.
 
croeper said:
Well, not only regarding to my experience with development and software projects, but also as Mr. Brooks said in his "Mythical Man-Month" adding person-power late to a software project makes it even later...

However what kind of help do you think of that would really help and does make sense? When knowing that I can check if it matches my skills.
Click to expand...

joining the dev team is not needed for user management but you can do the following to free more resources from the current team:

  • help new users in this forum (reducing the support efforts of our team)
  • testing of beta software (as soon as we have a beta of the user management) and report bugs in this forum
  • and of course, donating some bucks always helps to keep a community project alive
 
Sorry for my late reply, see other thread for reasons.

tom said:
joining the dev team is not needed for user management but you can do the following to free more resources from the current team:

* help new users in this forum (reducing the support efforts of our team)
Click to expand...
As being a new user by myself, I probably need more help than I can give by now. But I will do my very best... ;)

* testing of beta software (as soon as we have a beta of the user management) and report bugs in this forum
Click to expand...
Can do that, although I have no physical spare machine to test this. But as far as I know Proxmox runs in Proxmox (as a virtual machine), and for user management testing, this should be OK.

* and of course, donating some bucks always helps to keep a community project alive
Click to expand...
We'll consider this as well, but not in this year (a criteria for our VM host choice was, that it should be free). Probably next year we can free some budget for that.
Best regards

christoph

Btw. I managed to create a different root user like in the post above, a stupid typo brought me on the wrong track the first time.
 
You must log in or register to reply here.
Top Bottom