From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id EBBF61FF187 for ; Mon, 22 Sep 2025 15:57:04 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 5F6C21D98F; Mon, 22 Sep 2025 15:57:34 +0200 (CEST) Date: Mon, 22 Sep 2025 15:57:30 +0200 To: Mime-Version: 1.0 Message-Id: X-Mailer: aerc 0.20.0 References: <20250916144827.551806-1-s.sterz@proxmox.com> In-Reply-To: From: "Shannon Sterz" X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1758549439086 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.059 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: Re: [pdm-devel] [PATCH datacenter-manager/proxmox/yew-comp 00/11] Add LDAP and AD realm support to Proxmox Datacenter Manager X-BeenThere: pdm-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Datacenter Manager development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox Datacenter Manager development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pdm-devel-bounces@lists.proxmox.com Sender: "pdm-devel" just wanted to respond here again before sending a v2 to keep the discussion about suggested changes in one place: On Fri Sep 19, 2025 at 1:11 PM CEST, Shannon Sterz wrote: > On Fri Sep 19, 2025 at 12:02 PM CEST, Christoph Heiss wrote: -->8 snip 8<-- >> - No default realm is set by default. E.g. with this series applied, by >> default all realms show an "X" in the default column. Should set PAM >> as default realm if none is set yet. > > yes the default realm logic is lacking in general. i am already working > on the following things: > > - make the login component respect the default realm setting > - allow editing other realms in order to allow setting them as default > realms > > so i'll add marking pam as default if no realm is set as default. for > now, i'd leave the default realm parts of this series as-is or move them > out of this series and tag that on to adding default realm support in > general. looking into this some more: this is also how pbs behaves. if no default is set, no entry in the column is marked as default. also note that pve seems to be lacking the default column in general. however, since some of the realms are configured via components from the widget toolkit, setting defaults for those is still possible (ad, ldap, openid). pam and pve realms cannot be set as defaults. for now, i'd leave the default support here as-is and will work on a general follow up for default realm support for pdm (but possibly also for pve, unless someone is already on that.) -->8 snip 8<-- >> - If "Enable new users" is set to "No", this isn't reflected/respected >> in the sync panel. E.g. set it to "No", the sync panel will still show >> "Default (Yes)" for the "Enable new" field. >> Also, I'd also name it "Enable new users" in the sync panel for >> consistency. >> - Continuing from the last one, the setting does not even seem to be >> respected? Setting it to "No" in both the realm settings and the sync >> panel _still_ creates new users. as is expected. but the accounts are not "enabled". i think you mixed up "Preview Only" (`dry-run` in the api) and "Enable new users" (`enable-new` in the api). the first just shows what would be synced but *does not* persist any changes. the later syncs as usual but the "Enabled" setting for new accounts will be set to whatever the `enable-new` option is set to (true by default, so accounts will be created and enabled). this worked as intended in my testing. _______________________________________________ pdm-devel mailing list pdm-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel