X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=pveum.1-synopsis.adoc;h=85765a91d04c814b06b198579a8bb6c13e9e4a56;hb=74ff2e640d0f2390aeea3689147450603cd4f56d;hp=30855a1dfbd66ff0c7904c32b67fd9ad861667af;hpb=c5aa7e14b592291fa456e0749fcea4b953704b73;p=pve-docs.git

diff --git a/pveum.1-synopsis.adoc b/pveum.1-synopsis.adoc
index 30855a1..85765a9 100644
--- a/pveum.1-synopsis.adoc
+++ b/pveum.1-synopsis.adoc
@@ -136,6 +136,54 @@ Change user password.
 
 User ID
 
+*pveum pool add* `<poolid>` `[OPTIONS]`
+
+Create new pool.
+
+`<poolid>`: `<string>` ::
+
+no description available
+
+`--comment` `<string>` ::
+
+no description available
+
+*pveum pool delete* `<poolid>`
+
+Delete pool.
+
+`<poolid>`: `<string>` ::
+
+no description available
+
+*pveum pool list* `[FORMAT_OPTIONS]`
+
+Pool index.
+
+*pveum pool modify* `<poolid>` `[OPTIONS]`
+
+Update pool data.
+
+`<poolid>`: `<string>` ::
+
+no description available
+
+`--comment` `<string>` ::
+
+no description available
+
+`--delete` `<boolean>` ::
+
+Remove vms/storage (instead of adding it).
+
+`--storage` `<string>` ::
+
+List of storage IDs.
+
+`--vms` `<string>` ::
+
+List of virtual machines.
+
 *pveum realm add* `<realm> --type <string>` `[OPTIONS]`
 
 Add an authentication server.
@@ -144,6 +192,10 @@ Add an authentication server.
 
 Authentication domain ID
 
+`--autocreate` `<boolean>` ('default =' `0`)::
+
+Automatically create users if they do not exist.
+
 `--base_dn` `\w+=[^,]+(,\s*\w+=[^,]+)*` ::
 
 LDAP base domain name
@@ -156,6 +208,10 @@ LDAP bind domain name
 
 Path to the CA certificate store
 
+`--case-sensitive` `<boolean>` ('default =' `1`)::
+
+username is case-sensitive
+
 `--cert` `<string>` ::
 
 Path to the client certificate
@@ -164,6 +220,14 @@ Path to the client certificate
 
 Path to the client certificate key
 
+`--client-id` `<string>` ::
+
+OpenID Client ID
+
+`--client-key` `<string>` ::
+
+OpenID Client Key
+
 `--comment` `<string>` ::
 
 Description.
@@ -196,6 +260,10 @@ LDAP filter for group sync.
 
 LDAP attribute representing a groups name. If not set or found, the first value of the DN will be used as name.
 
+`--issuer-url` `<string>` ::
+
+OpenID Issuer Url
+
 `--mode` `<ldap | ldap+starttls | ldaps>` ('default =' `ldap`)::
 
 LDAP protocol mode.
@@ -236,7 +304,7 @@ Comma separated list of key=value pairs for specifying which LDAP attributes map
 
 Use Two-factor authentication.
 
-`--type` `<ad | ldap | pam | pve>` ::
+`--type` `<ad | ldap | openid | pam | pve>` ::
 
 Realm type.
 
@@ -248,6 +316,10 @@ LDAP user attribute name
 
 The objectclasses for users.
 
+`--username-claim` `<email | subject | username>` ::
+
+OpenID claim used to generate the unique username.
+
 `--verify` `<boolean>` ('default =' `0`)::
 
 Verify the server's SSL certificate
@@ -272,6 +344,10 @@ Update authentication server settings.
 
 Authentication domain ID
 
+`--autocreate` `<boolean>` ('default =' `0`)::
+
+Automatically create users if they do not exist.
+
 `--base_dn` `\w+=[^,]+(,\s*\w+=[^,]+)*` ::
 
 LDAP base domain name
@@ -284,6 +360,10 @@ LDAP bind domain name
 
 Path to the CA certificate store
 
+`--case-sensitive` `<boolean>` ('default =' `1`)::
+
+username is case-sensitive
+
 `--cert` `<string>` ::
 
 Path to the client certificate
@@ -292,6 +372,14 @@ Path to the client certificate
 
 Path to the client certificate key
 
+`--client-id` `<string>` ::
+
+OpenID Client ID
+
+`--client-key` `<string>` ::
+
+OpenID Client Key
+
 `--comment` `<string>` ::
 
 Description.
@@ -332,6 +420,10 @@ LDAP filter for group sync.
 
 LDAP attribute representing a groups name. If not set or found, the first value of the DN will be used as name.
 
+`--issuer-url` `<string>` ::
+
+OpenID Issuer Url
+
 `--mode` `<ldap | ldap+starttls | ldaps>` ('default =' `ldap`)::
 
 LDAP protocol mode.
@@ -476,6 +568,10 @@ Create or verify authentication ticket.
 
 User name
 
+`--new-format` `<boolean>` ('default =' `0`)::
+
+With webauthn the format of half-authenticated tickts changed. New clients should pass 1 here and not worry about the old format. The old format is deprecated and will be retired with PVE-8.0
+
 `--otp` `<string>` ::
 
 One-time password for Two-factor authentication.
@@ -496,6 +592,10 @@ NOTE: Requires option(s): `path`
 
 You can optionally pass the realm using this parameter. Normally the realm is simply added to the username <username>@<relam>.
 
+`--tfa-challenge` `<string>` ::
+
+The signed TFA challenge string the user wants to respond to.
+
 *pveum user add* `<userid>` `[OPTIONS]`
 
 Create new user.
@@ -618,6 +718,18 @@ User ID or full API token ID
 
 Only dump this specific path, not the whole tree.
 
+*pveum user tfa delete* `<userid>` `[OPTIONS]`
+
+Delete TFA entries from a user.
+
+`<userid>`: `<string>` ::
+
+User ID
+
+`--id` `<string>` ::
+
+The TFA ID, if none provided, all TFA entries will be deleted.
+
 *pveum user token add* `<userid> <tokenid>` `[OPTIONS]` `[FORMAT_OPTIONS]`
 
 Generate a new API token for a specific user. NOTE: returns API token