Hi,

On Thu, Feb 11, 2021 at 12:58:40PM +0100, Thomas Lamprecht wrote:
> > Specifically, we need to use it with an AD realm.
> 
> To be clear, with what credentials would the login in the PVE shell?
> 
> Is the LDAP also exposed in the system and valid for login or do they
> have credentials of an existing PAM user?

Currently we want users of a specific group to be able to use the shell
as root, whithout a dedicated PAM user.

Another option we would have, would be to integrate the PVE node itself into
the domain and make use of sudo. But that would come with some company-related
difficulties and guidelines. For that reason we use AD for the web UI only.


max