Hi, Am 23/03/2023 um 11:30 schrieb Mariusz Suchodolski: > Is custom realm <-> pam mapping in plans?
Not sure what you mean here exactly.. > > We've setup Azure AD authentication but attempting to connect to one of the > virtualization hosts yields the following message when attempting to access > console: > > Connection failed (Error 403: Permission check failed (realm aad ! = pam) ) Yeah, this is a bit of an odd virtual limitations, and I'd be open to drop those is-realm-pam checks completely; having Sys.Console and password of a system user (root, or some ldap exposed system user) for login into the shell is really enough. As we try to avoid doing ACL changes with potential implications on a rolling package update, I'd prefer doing this on the next major release, e.g. PVE 8.0 this year; as there we can add a more prominent entry in the changelogs "noteable changes" section. I checked quickly, but it doesn't seem we have a request for this logged in our bugzilla (#2170 is sounding close but effectively wants something different), so you could open a enhancement request to keep track of this at: https://bugzilla.proxmox.com/ - Thomas _______________________________________________ pve-user mailing list [email protected] https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user
