[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Condor-users] Windows encrypt on disk for execute nodes of jobfiles
- Date: Thu, 19 Aug 2004 21:51:52 -0500
- From: Colin Stolley <stolley@xxxxxxxxxxx>
- Subject: Re: [Condor-users] Windows encrypt on disk for execute nodes of jobfiles
Hi,I'm not Todd, but I'm pretty sure that he was referring to EFS support.
Todd Tannenbaums presentation on "whats new" at the condor week in april
stated that on disk encryption was now available for Windows in version 6.6. I
have noted a thread on Windows EFS support. Is this was the presentation
referance was to?
In either case how do you get it to work? I have added the encrypt executeNo, Windows 2000 should work fine. Here's two things to check:
directory entry to the config file as suggested in the list thread but this
doesn't cause encryption on Windows 2000 where I am testing. The thread left the
discussion at that point. Is XP required?
1. Verify that you've correctly spelled
ENCRYPT_EXECUTE_DIRECTORY = True
in your config file, and that this setting is reflected on your execute
2. While a job is running, if you can get an administrator shell
started, you should find a hidden Desktop.ini file in the execute
directory (the dir_#### directory underneath EXECUTE). The file should
contain two lines:
if the file isn't there, or doesn't contain those two lines, check the
starter log for error messages.
Assuming all goes well, you should be able to do a 'dir' on the execute
directory, but attempting to read the contents of the files should fail
with Access Denied. Only the person that created the execute directory
(in this case, probably condor-reuse-vm1) should be able to successfully
read any of the files.