Timotej Lazar
3f53c84865
Since OIDC auth doesn’t support groups, get them from AD over LDAP. Add a script to fetch user and groups, and update /etc/pve/user.cfg. The script is only installed on one node (first alphabetically), with a cron job to run it daily. The script is installed for clusters with the sync-ldap context key set to a corresponding OIDC realm. The keys ldap_user and ldap_pass must be present in the password store under cluster/<name>. |
||
---|---|---|
.. | ||
files | ||
handlers | ||
tasks | ||
templates |