Mailing List Archives Public Access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] Windows XP service pack 2

Date: Thu, 16 Sep 2004 17:12:12 -0500
From: Colin Stolley <stolley@xxxxxxxxxxx>
Subject: Re: [Condor-users] Windows XP service pack 2

For those of you attempting to work around the SP2 firewall:

I don't believe this is documented, but when a trusted application is added as an exception to the windows firewall, all child processes created by the trusted application are ALSO exceptions. So in Condor, this means that adding the full path to condor_master.exe is sufficient for circumventing the firewall.

What this also means is that user jobs will be excepted from the firewall as well. It appears there is no way to avoid this, though Microsoft has yet to confirm this for us (though they were quick to recommend ISA Server if finer-grained control is desired).

In the soon-to-be-released 6.6.7 version of Condor for Windows, the master will check to see if it is excepted, and if not, will automatically add itself to the list of trusted applications. This behavior will be enabled by default (and will have no effect on machines not running XP SP2 or running XP SP2 with the firewall disabled). To disable this feature, you'll have to add

ADD_WINDOWS_FIREWALL_EXCEPTION = False

to your config file.

Colin

References:
- RE: [Condor-users] Windows XP service pack 2
  - From: Wilding, Kevan A

Prev by Date: RE: [Condor-users] afs vs nfs vs separate file systems
Next by Date: Re: [Condor-users] afs vs nfs vs separate file systems
Previous by thread: RE: [Condor-users] Windows XP service pack 2
Next by thread: [Condor-users] run as user on windows
Index(es):
- Date
- Thread

Mailing List Archives

Public Access

Re: [Condor-users] Windows XP service pack 2