Verbose output format.
-*pveum passwd* `<userid>`
+*pveum passwd* `<userid>` `[OPTIONS]`
Change user password.
Full User ID, in the `name@realm` format.
+`--confirmation-password` `<string>` ::
+
+The current password of the user performing the change.
+
*pveum pool add* `<poolid>` `[OPTIONS]`
Create new pool.
no description available
-*pveum pool list* `[FORMAT_OPTIONS]`
+*pveum pool list* `[OPTIONS]` `[FORMAT_OPTIONS]`
+
+List pools or get pool configuration.
+
+`--poolid` `<string>` ::
+
+no description available
+
+`--type` `<lxc | qemu | storage>` ::
-Pool index.
+no description available
++
+NOTE: Requires option(s): `poolid`
*pveum pool modify* `<poolid>` `[OPTIONS]`
-Update pool data.
+Update pool.
`<poolid>`: `<string>` ::
no description available
+`--allow-move` `<boolean>` ('default =' `0`)::
+
+Allow adding a guest even if already in another pool. The guest will be removed from its current pool and added to this one.
+
`--comment` `<string>` ::
no description available
-`--delete` `<boolean>` ::
+`--delete` `<boolean>` ('default =' `0`)::
-Remove vms/storage (instead of adding it).
+Remove the passed VMIDs and/or storage IDs instead of adding them.
`--storage` `<string>` ::
-List of storage IDs.
+List of storage IDs to add or remove from this pool.
`--vms` `<string>` ::
-List of virtual machines.
+List of guest VMIDs to add or remove from this pool.
*pveum realm add* `<realm> --type <string>` `[OPTIONS]`
Authentication domain ID
-`--acr-values` `<string>` ::
+`--acr-values` `^[^\x00-\x1F\x7F <>#"]*$` ::
Specifies the Authentication Context Class Reference values that theAuthorization Server is being requested to use for the Auth Request.
Automatically create users if they do not exist.
-`--base_dn` `(?^:\w+=("[\w ,+/<>;=]+"|[^ ,+"/<>;=]+)(,\s*\w+=("[\w ,+/<>;=]+"|[^ ,+"/<>;=]+))*)` ::
+`--base_dn` `<string>` ::
LDAP base domain name
-`--bind_dn` `(?^:\w+=("[\w ,+/<>;=]+"|[^ ,+"/<>;=]+)(,\s*\w+=("[\w ,+/<>;=]+"|[^ ,+"/<>;=]+))*)` ::
+`--bind_dn` `<string>` ::
LDAP bind domain name
Path to the client certificate key
+`--check-connection` `<boolean>` ('default =' `0`)::
+
+Check bind connection to the server.
+
`--client-id` `<string>` ::
OpenID Client ID
The objectclasses for groups.
-`--group_dn` `(?^:\w+=("[\w ,+/<>;=]+"|[^ ,+"/<>;=]+)(,\s*\w+=("[\w ,+/<>;=]+"|[^ ,+"/<>;=]+))*)` ::
+`--group_dn` `<string>` ::
LDAP base domain name for group sync. If not set, the base_dn will be used.
Authentication domain ID
-`--acr-values` `<string>` ::
+`--acr-values` `^[^\x00-\x1F\x7F <>#"]*$` ::
Specifies the Authentication Context Class Reference values that theAuthorization Server is being requested to use for the Auth Request.
Automatically create users if they do not exist.
-`--base_dn` `(?^:\w+=("[\w ,+/<>;=]+"|[^ ,+"/<>;=]+)(,\s*\w+=("[\w ,+/<>;=]+"|[^ ,+"/<>;=]+))*)` ::
+`--base_dn` `<string>` ::
LDAP base domain name
-`--bind_dn` `(?^:\w+=("[\w ,+/<>;=]+"|[^ ,+"/<>;=]+)(,\s*\w+=("[\w ,+/<>;=]+"|[^ ,+"/<>;=]+))*)` ::
+`--bind_dn` `<string>` ::
LDAP bind domain name
Path to the client certificate key
+`--check-connection` `<boolean>` ('default =' `0`)::
+
+Check bind connection to the server.
+
`--client-id` `<string>` ::
OpenID Client ID
`--digest` `<string>` ::
-Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.
+Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.
`--domain` `\S+` ::
The objectclasses for groups.
-`--group_dn` `(?^:\w+=("[\w ,+/<>;=]+"|[^ ,+"/<>;=]+)(,\s*\w+=("[\w ,+/<>;=]+"|[^ ,+"/<>;=]+))*)` ::
+`--group_dn` `<string>` ::
LDAP base domain name for group sync. If not set, the base_dn will be used.
User name
-`--new-format` `<boolean>` ('default =' `0`)::
+`--new-format` `<boolean>` ('default =' `1`)::
-With webauthn the format of half-authenticated tickts changed. New clients should pass 1 here and not worry about the old format. The old format is deprecated and will be retired with PVE-8.0
+This parameter is now ignored and assumed to be 1.
`--otp` `<string>` ::
no description available
-`--keys` `<string>` ::
+`--keys` `[0-9a-zA-Z!=]{0,4096}` ::
Keys for two factor auth (yubico).
no description available
-`--keys` `<string>` ::
+`--keys` `[0-9a-zA-Z!=]{0,4096}` ::
Keys for two factor auth (yubico).
The TFA ID, if none provided, all TFA entries will be deleted.
+*pveum user tfa list* `[<userid>]`
+
+List TFA entries.
+
+`<userid>`: `<string>` ::
+
+Full User ID, in the `name@realm` format.
+
+*pveum user tfa unlock* `<userid>`
+
+Unlock a user's TFA authentication.
+
+`<userid>`: `<string>` ::
+
+Full User ID, in the `name@realm` format.
+
*pveum user token add* `<userid> <tokenid>` `[OPTIONS]` `[FORMAT_OPTIONS]`
Generate a new API token for a specific user. NOTE: returns API token
projects / pve-docs.git / blobdiff