[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] user based authorization not working

Hi Zach,

I guess the authentication is NIS+. At present we restrict
login access to the submit host but I wan't to make
doubly sure that only registered Condor users can submit Condor
jobs. I was assuming that I could do this by adding
their fully qualified names in the master config file
(rather than allowing any users on the submit host
to submit jobs by specifying just the host name).
I appreciate that I cannot authenticate users
on the windows execute hosts because of lack of common scheme.
The submit and master hosts share UIDs so we can be certain
that fred@submit is the same user as fred@master.



--On 13 February 2006 09:57 -0600 Zachary Miller <zmiller@xxxxxxxxxxx> wrote:

On Mon, Feb 13, 2006 at 02:55:16PM +0000, Dr Ian C. Smith wrote:

I'm having problems setting up user based
authorization in my Condor pool although host/IP
based authorization works fine. I have
a UNIX based master, a separate UNIX submit
host and several windows execution hosts.

user based authorization requires that the users authenticate.  what
method of authentication are you using?

also, you should know that there are currently no "REAL" methods of
authentication in common between windows and unix platforms, which is
likely changing in the next developer release (windows will finally
support kerberos and SSL).

(the CLAIMTOBE method is supported by both, but this method of
authentication  is really for testing purposes since it provides no real


Condor-users mailing list