* [pve-devel] [PATCH docs] pveum: add paragraph about syncing user attributes
@ 2022-05-02 13:56 Dominik Csapak
2022-05-04 6:42 ` [pve-devel] applied: " Thomas Lamprecht
0 siblings, 1 reply; 2+ messages in thread
From: Dominik Csapak @ 2022-05-02 13:56 UTC (permalink / raw)
To: pve-devel
and improve wording for the remove vanished 'Properties' option.
Currently, we use both the word 'attributes' as well as 'properties'
for user fields (such as firstname, etc). I rewrote that a bit by calling
them 'attributes' for the LDAP side and 'properties' for the PVE side.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
pveum.adoc | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/pveum.adoc b/pveum.adoc
index 99e1a45..38fd941 100644
--- a/pveum.adoc
+++ b/pveum.adoc
@@ -295,6 +295,11 @@ pveum realm sync <realm>
Users and groups are synced to the cluster-wide configuration file,
`/etc/pve/user.cfg`.
+If the sync response includes user attributes, they will be synced into the
+matching user property in the `user.cfg` (for example: 'firstname', 'lastname',
+etc.). If the names of the attributes are not matching the PVE properties, you
+can set a custom field-to-field map in the config with the 'sync_attributes'
+option.
Sync Configuration
^^^^^^^^^^^^^^^^^^
@@ -334,7 +339,6 @@ NOTE: Filters allow you to create a set of additional match criteria, to narrow
down the scope of a sync. Information on available LDAP filter types and their
usage can be found at https://ldap.com/ldap-filters/[ldap.com].
-
[[pveum_ldap_sync_options]]
Sync Options
^^^^^^^^^^^^
@@ -366,10 +370,10 @@ The main options for syncing are:
- `Entry` (`entry`): Removes entries (i.e. users and groups) when they are
not returned in the sync response.
- - `Properties` (`properties`): Removes properties of entries which were
- not returned in the sync response. This includes custom properties
- which were never set by the sync. Exceptions are tokens and the enable
- flag. Those will be retained even with this option.
+ - `Properties` (`properties`): Removes properties of entries where the user
+ in the sync response did not contain those attributes. This includes
+ all properties, even those never set by a sync. Exceptions are tokens
+ and the enable flag, these will be retained even with this option enabled.
* `Preview` (`dry-run`): No data is written to the config. This is useful if you
want to see which users and groups would get synced to the `user.cfg`.
--
2.30.2
^ permalink raw reply [flat|nested] 2+ messages in thread
* [pve-devel] applied: [PATCH docs] pveum: add paragraph about syncing user attributes
2022-05-02 13:56 [pve-devel] [PATCH docs] pveum: add paragraph about syncing user attributes Dominik Csapak
@ 2022-05-04 6:42 ` Thomas Lamprecht
0 siblings, 0 replies; 2+ messages in thread
From: Thomas Lamprecht @ 2022-05-04 6:42 UTC (permalink / raw)
To: Proxmox VE development discussion, Dominik Csapak
Am 5/2/22 um 15:56 schrieb Dominik Csapak:
> and improve wording for the remove vanished 'Properties' option.
>
> Currently, we use both the word 'attributes' as well as 'properties'
> for user fields (such as firstname, etc). I rewrote that a bit by calling
> them 'attributes' for the LDAP side and 'properties' for the PVE side.
>
> Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
> ---
> pveum.adoc | 14 +++++++++-----
> 1 file changed, 9 insertions(+), 5 deletions(-)
>
>
applied (already on Monmday), thanks!
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-05-04 6:42 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-05-02 13:56 [pve-devel] [PATCH docs] pveum: add paragraph about syncing user attributes Dominik Csapak
2022-05-04 6:42 ` [pve-devel] applied: " Thomas Lamprecht
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox