[PVE-User] Proxmox VE 2.0 rc1 released!

Alain Péan alain.pean at lpp.polytechnique.fr
Mon Feb 20 16:13:08 CET 2012


Hi Michael,

I did some configuration before trying to add an AD domain. I installed 
Samba and Kerberos, and configured both for my AD domain, then join the 
PVE hosts to the domain with 'net ads join'.

It is my feeling that these steps are necessary, in order to provide an 
account for the PVE host on the AD domain, initialize the kerberos keys 
(/etc/krb5.keytab) etc.... That is what I do to configure AD 
authentication on other conventionnal linux machines. Notice that my DNS 
servers in /etc/resolv.conf are those from windows domain.

Dietmar can perhaps say if these steps are required or not. If you don't 
enter at any point AD administratror credentials to join the domain, I 
don't see how it could work... And it was indeed working for me.

Did you do some similar configuration ?

Alain

Le 20/02/2012 15:29, Gusek, Michael a écrit :
> Hi Dietmar,
>
> i've added an AD-User to proxmox, explained by you below. Login works fine, but cannot add new user: "no such user ('manfred.mustermann at vanguard.de') (403)". With root there isn't a problem. Here my user.cfg:
>
> user:michael.gusek at vanguard.de:1:0:Michael:Gusek:michael.gusek at vanguard-healthcare.com::
> user:root at pam:1:0:::it at vanguard-healthcare.com::
>
> group:admin:michael.gusek at vanguard.de::
>
> acl:1:/:@admin:Administrator:
>
> Thanks,
>
> Michael
>
> -----Ursprüngliche Nachricht-----
> Von: pve-user-bounces at pve.proxmox.com [mailto:pve-user-bounces at pve.proxmox.com] Im Auftrag von Dietmar Maurer
> Gesendet: Montag, 20. Februar 2012 10:07
> An: Alain Péan; pve-user at pve.proxmox.com
> Betreff: Re: [PVE-User] Proxmox VE 2.0 rc1 released!
>
>> I added a group with role 'Administrator', and add my AD user to this group. I
>> thought it was the group with all permissions, but when I log as this AD user, I
>> cannot see under given node the storages, as I do when logged as root. Is this
>> normal ?
> How did you add the role?
>
> Goto Datacenter/Permissions/Add/GroupPermissions
>
> Path: /
> Group: yourgroup
> Role: Administrator
>
> Please can you post the '/etc/pve/user.cfg' file If that does not work?
>
> - Dietmar
>
>
> _______________________________________________
> pve-user mailing list
> pve-user at pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
> _______________________________________________
> pve-user mailing list
> pve-user at pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user


-- 
==========================================================
Alain Péan - LPP/CNRS
Administrateur Système/Réseau
Laboratoire de Physique des Plasmas - UMR 7648
Observatoire de Saint-Maur
4, av de Neptune, Bat. A
94100 Saint-Maur des Fossés
Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33
==========================================================




More information about the pve-user mailing list