[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Condor-users] New feature request: condor_store_cred verify
- Date: Thu, 16 Dec 2004 17:06:51 -0600
- From: Colin Stolley <stolley@xxxxxxxxxxx>
- Subject: Re: [Condor-users] New feature request: condor_store_cred verify
To follow up on this thread:
Starting in 6.6.8 (and 6.7.3) the 'condor_store_cred query' command will
only succeed if the credential is both stored and valid. In the case of
a stored, but invalid credential, condor_store_cred reports this and
advises to re-run 'condor_store_cred add'.
Ian Chesal Wrote:
The scenario: user changes their NT password and then forgets to run
condor_store_cred delete/add to update the stored credentials. The
trouble arises when a scripted interface to condor uses
"condor_store_cred query" to ensure the user has stored their
credentials -- it returns true if the credentials are stored, even if
they are stale. It would be useful to either augment the query argument
or add a verify argument to condor_store_cred that checks the stored
credentials to make sure a user's credentials that are stored work.
Currently users see errors in their shadow.log file if their credentials
aren't working. I don't want to have to educate my users on Condor log
Seems like a trivial thing to check that the stored credentials function
properly on-demand like this.