X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=pveum.1-synopsis.adoc;h=3b38a9f5aede160a00c8df2964452942c86b7bb2;hb=12804f688fe4a0a4d6affb94174b0242259588f8;hp=e00cfdf7fccb3b3b61ab7736866d83df83916a30;hpb=4772952b604a1fd9bca16e70fbe6a1d3b2d7feca;p=pve-docs.git diff --git a/pveum.1-synopsis.adoc b/pveum.1-synopsis.adoc index e00cfdf..3b38a9f 100644 --- a/pveum.1-synopsis.adoc +++ b/pveum.1-synopsis.adoc @@ -136,6 +136,54 @@ Change user password. User ID +*pveum pool add* `` `[OPTIONS]` + +Create new pool. + +``: `` :: + +no description available + +`--comment` `` :: + +no description available + +*pveum pool delete* `` + +Delete pool. + +``: `` :: + +no description available + +*pveum pool list* `[FORMAT_OPTIONS]` + +Pool index. + +*pveum pool modify* `` `[OPTIONS]` + +Update pool data. + +``: `` :: + +no description available + +`--comment` `` :: + +no description available + +`--delete` `` :: + +Remove vms/storage (instead of adding it). + +`--storage` `` :: + +List of storage IDs. + +`--vms` `` :: + +List of virtual machines. + *pveum realm add* ` --type ` `[OPTIONS]` Add an authentication server. @@ -144,6 +192,14 @@ Add an authentication server. Authentication domain ID +`--acr-values` `` :: + +Specifies the Authentication Context Class Reference values that theAuthorization Server is being requested to use for the Auth Request. + +`--autocreate` `` ('default =' `0`):: + +Automatically create users if they do not exist. + `--base_dn` `\w+=[^,]+(,\s*\w+=[^,]+)*` :: LDAP base domain name @@ -168,6 +224,14 @@ Path to the client certificate Path to the client certificate key +`--client-id` `` :: + +OpenID Client ID + +`--client-key` `` :: + +OpenID Client Key + `--comment` `` :: Description. @@ -200,6 +264,10 @@ LDAP filter for group sync. LDAP attribute representing a groups name. If not set or found, the first value of the DN will be used as name. +`--issuer-url` `` :: + +OpenID Issuer Url + `--mode` `` ('default =' `ldap`):: LDAP protocol mode. @@ -212,6 +280,14 @@ LDAP bind password. Will be stored in '/etc/pve/priv/realm/.pw'. Server port. +`--prompt` `(?:none|login|consent|select_account|\S+)` :: + +Specifies whether the Authorization Server prompts the End-User for reauthentication and consent. + +`--scopes` `` ('default =' `email profile`):: + +Specifies the scopes (user details) that should be authorized and returned, for example 'email' or 'profile'. + `--secure` `` :: Use secure LDAPS protocol. DEPRECATED: use 'mode' instead. @@ -240,7 +316,7 @@ Comma separated list of key=value pairs for specifying which LDAP attributes map Use Two-factor authentication. -`--type` `` :: +`--type` `` :: Realm type. @@ -252,6 +328,10 @@ LDAP user attribute name The objectclasses for users. +`--username-claim` `` :: + +OpenID claim used to generate the unique username. + `--verify` `` ('default =' `0`):: Verify the server's SSL certificate @@ -276,6 +356,14 @@ Update authentication server settings. Authentication domain ID +`--acr-values` `` :: + +Specifies the Authentication Context Class Reference values that theAuthorization Server is being requested to use for the Auth Request. + +`--autocreate` `` ('default =' `0`):: + +Automatically create users if they do not exist. + `--base_dn` `\w+=[^,]+(,\s*\w+=[^,]+)*` :: LDAP base domain name @@ -300,6 +388,14 @@ Path to the client certificate Path to the client certificate key +`--client-id` `` :: + +OpenID Client ID + +`--client-key` `` :: + +OpenID Client Key + `--comment` `` :: Description. @@ -340,6 +436,10 @@ LDAP filter for group sync. LDAP attribute representing a groups name. If not set or found, the first value of the DN will be used as name. +`--issuer-url` `` :: + +OpenID Issuer Url + `--mode` `` ('default =' `ldap`):: LDAP protocol mode. @@ -352,6 +452,14 @@ LDAP bind password. Will be stored in '/etc/pve/priv/realm/.pw'. Server port. +`--prompt` `(?:none|login|consent|select_account|\S+)` :: + +Specifies whether the Authorization Server prompts the End-User for reauthentication and consent. + +`--scopes` `` ('default =' `email profile`):: + +Specifies the scopes (user details) that should be authorized and returned, for example 'email' or 'profile'. + `--secure` `` :: Use secure LDAPS protocol. DEPRECATED: use 'mode' instead. @@ -484,6 +592,10 @@ Create or verify authentication ticket. User name +`--new-format` `` ('default =' `0`):: + +With webauthn the format of half-authenticated tickts changed. New clients should pass 1 here and not worry about the old format. The old format is deprecated and will be retired with PVE-8.0 + `--otp` `` :: One-time password for Two-factor authentication. @@ -504,6 +616,10 @@ NOTE: Requires option(s): `path` You can optionally pass the realm using this parameter. Normally the realm is simply added to the username @. +`--tfa-challenge` `` :: + +The signed TFA challenge string the user wants to respond to. + *pveum user add* `` `[OPTIONS]` Create new user. @@ -628,27 +744,15 @@ Only dump this specific path, not the whole tree. *pveum user tfa delete* `` `[OPTIONS]` -Change user u2f authentication. +Delete TFA entries from a user. ``: `` :: User ID -`--config` `type= [,digits=] [,id=] [,key=] [,step=] [,url=]` :: - -A TFA configuration. This must currently be of type TOTP of not set at all. - -`--key` `` :: - -When adding TOTP, the shared secret value. - -`--password` `` :: - -The current password. - -`--response` `` :: +`--id` `` :: -Either the the response to the current u2f registration challenge, or, when adding TOTP, the currently valid TOTP value. +The TFA ID, if none provided, all TFA entries will be deleted. *pveum user token add* ` ` `[OPTIONS]` `[FORMAT_OPTIONS]`