Re: [Condor-users] user based authorization not working

["Dr Ian C. Smith" <i.c.smith@xxxxxxxxxxxxxxx>]

Hi Zach,

I guess the authentication is NIS+. At present we restrict
login access to the submit host but I wan't to make
doubly sure that only registered Condor users can submit Condor
jobs. I was assuming that I could do this by adding
their fully qualified names in the master config file
(rather than allowing any users on the submit host
to submit jobs by specifying just the host name).
I appreciate that I cannot authenticate users
on the windows execute hosts because of lack of common scheme.
The submit and master hosts share UIDs so we can be certain
that fred@submit is the same user as fred@master.

cheers,

-ian.

--On 13 February 2006 09:57 -0600 Zachary Miller <zmiller@xxxxxxxxxxx> 
wrote:

> On Mon, Feb 13, 2006 at 02:55:16PM +0000, Dr Ian C. Smith wrote:
> > Hi,
> >
> > I'm having problems setting up user based
> > authorization in my Condor pool although host/IP
> > based authorization works fine. I have
> > a UNIX based master, a separate UNIX submit
> > host and several windows execution hosts.
>
> user based authorization requires that the users authenticate.  what
> method of authentication are you using?
>
> also, you should know that there are currently no "REAL" methods of
> authentication in common between windows and unix platforms, which is
> likely changing in the next developer release (windows will finally
> support kerberos and SSL).
>
> (the CLAIMTOBE method is supported by both, but this method of
> authentication  is really for testing purposes since it provides no real
> security)
>
>
> cheers,
> -zach
>
> _______________________________________________
> Condor-users mailing list
> Condor-users@xxxxxxxxxxx
> https://lists.cs.wisc.edu/mailman/listinfo/condor-users