command) on all nodes the user is allowed to login, and the user
authenticates with their usual system password.
+
command) on all nodes the user is allowed to login, and the user
authenticates with their usual system password.
+
Proxmox VE authentication server::
This is a unix like password store (`/etc/pve/priv/shadow.cfg`).
Password are encrypted using the SHA-256 hash method.
Proxmox VE authentication server::
This is a unix like password store (`/etc/pve/priv/shadow.cfg`).
Password are encrypted using the SHA-256 hash method.
installations where users do not need access to anything outside of
{pve}. In this case users are fully managed by {pve} and are able to
change their own passwords via the GUI.
LDAP::
installations where users do not need access to anything outside of
{pve}. In this case users are fully managed by {pve} and are able to
change their own passwords via the GUI.
LDAP::
openldap). The server and an optional fallback server can be
configured and the connection can be encrypted via SSL.
+
openldap). The server and an optional fallback server can be
configured and the connection can be encrypted via SSL.
+
able to query and authenticate users, a bind domain name can be
configured via the `bind_dn` property in `/etc/pve/domains.cfg`. Its
password then has to be stored in `/etc/pve/priv/ldap/<realmname>.pw`
able to query and authenticate users, a bind domain name can be
configured via the `bind_dn` property in `/etc/pve/domains.cfg`. Its
password then has to be stored in `/etc/pve/priv/ldap/<realmname>.pw`
API call's schema otherwise lists it as being optional.
`["userid-group", [ <privileges>... ], <options>...]`::
API call's schema otherwise lists it as being optional.
`["userid-group", [ <privileges>... ], <options>...]`::
`["userid-param", "Realm.AllocateUser"]`::
The user needs `Realm.AllocateUser` access to `/access/realm/<realm>`, with
`["userid-param", "Realm.AllocateUser"]`::
The user needs `Realm.AllocateUser` access to `/access/realm/<realm>`, with
parameter. Note that the user does not need to exist in order to be
associated with a realm, since user IDs are passed in the form of
`<username>@<realm>`.
parameter. Note that the user does not need to exist in order to be
associated with a realm, since user IDs are passed in the form of
`<username>@<realm>`.