Create admin user: Difference between revisions

Create Admin on Proxmox VE 9

1. Install sudo (if not present)

apt update && apt install -y sudo

2. Create an Administrative User

The following script will:

• Create a new local Linux user (replace asd and password as needed).
• Add the user to the sudo group.
• Create an admins group in Proxmox user management.
• Assign the Administrator role to the group.
• Add the user to the Proxmox permission system with PAM authentication.

USER="asd"
PASS="asd"
COMMENT="System Administrator"

# Create local user if not existing
if ! id "$USER" &>/dev/null; then
  useradd -m -s /bin/bash -G sudo "$USER"
  echo "$USER:$PASS" | chpasswd
fi

# Create admin group in Proxmox (ignore error if it exists)
pveum groupadd admins --comment "${COMMENT} group" || true

# Assign Administrator role to the group (root-level permission)
pveum acl modify / --group admins --role Administrator

# Add user to Proxmox user database (PAM authentication)
pveum user add "${USER}@pam" --comment "${COMMENT}" --groups admins || true

3. Remove the Created User and Group

To cleanly remove the user and associated group from both Linux and Proxmox:

USER="asd"

# Remove local Linux user
deluser --remove-home "$USER"

# Remove from Proxmox permission system
pveum user delete "${USER}@pam" || true
pveum group delete admins || true

4. (Optional) Disable Root GUI Access

For improved security, it is recommended to disable the default root@pam account GUI access once an administrative user exists:

pveum user modify root@pam --enable 0

To re-enable root GUI access:

pveum user modify root@pam --enable 1

Notes:

• Always update default passwords before production use.
• The admins group will retain Administrator privileges assigned through the ACL.
• Be sure to have at least one active administrative account before disabling root GUI access.
• All commands must be executed with root privileges (via shell or sudo).