Re: [Condor-users] problems with credd

["Chin, Tammy" <chint@xxxxxxx>]

Title: RE: [Condor-users] problems with credd

Hi Greg,

Good call!

I had an extra definition of UID_DOMAIN (*.aecl.ca rather than aecl.ca) at the end of my condor_config.
- Got rid of it
- did a condor_store_cred -c add for all machines
- changed the debugging level for CREDD to FULLDEBUG
- did a condor_reconfig -all

All the machines except one are now running the whoami job.

Piece of the credd log:

5/10 09:19:14 DaemonCore: PERMISSION DENIED to condor_pool@xxxxxxx from host <132.225.62.121:3448> for command 81099 (CREDD_GET_PASSWD)

5/10 09:19:17 SEC_DEBUG_PRINT_KEYS is undefined, using default value of False
5/10 09:19:17 Found credential for user 'condor_pool'
5/10 09:19:17 Found credential for user 'condor_pool'
5/10 09:19:17 SEC_DEBUG_PRINT_KEYS is undefined, using default value of False
5/10 09:19:17 DaemonCore: PERMISSION DENIED to condor_pool@xxxxxxx from host <132.225.62.121:3454> for command 81099 (CREDD_GET_PASSWD)

I have confirmed that the condor_config file on that machine is the same as on every other machine in the pool. I have redone the condor_store_cred -n -c for that machine, I have done both a condor_reconfig and a restart of the service on that machine. I have rebooted that machine and the master node and still no change.

Strangely, if I log into that machine and do a condor_store_cred delete for myself, I see the delete happening in the credd log.

Thanks,

Tammy

-----Original Message-----
From: condor-users-bounces@xxxxxxxxxxx
[mailto:condor-users-bounces@xxxxxxxxxxx]On Behalf Of Greg Quinn
Sent: May 9, 2006 4:53 PM
To: Condor-Users Mail List
Subject: Re: [Condor-users] problems with credd

Chin, Tammy wrote:
> Hi,
>
> I've been attempting to get the credd running under WINXP so that I can
> use the runas_owner option. Can anyone shed some light on this?
>
> I am not even attempting to run jobs, but I keep getting the following
> errors in my credd log:
>
> 5/9 15:58:16 DaemonCore: PERMISSION DENIED to condor_pool@*.aecl.ca from
> host <132.225.62.121:3295> for command 81100 (CREDD_NOP)

Tammy,

It looks like PASSWORD authentication is working, but authorization is
failing. What is your UID_DOMAIN config parameter set to?

Greg
_______________________________________________
Condor-users mailing list
Condor-users@xxxxxxxxxxx
https://lists.cs.wisc.edu/mailman/listinfo/condor-users

CONFIDENTIAL AND PRIVILEGED INFORMATION NOTICE

This e-mail, and any attachments, may contain information that
is confidential, subject to copyright, or exempt from disclosure.
Any unauthorized review, disclosure, retransmission, 
dissemination or other use of or reliance on this information 
may be unlawful and is strictly prohibited.  

AVIS D'INFORMATION CONFIDENTIELLE ET PRIVILÉGIÉE

Le présent courriel, et toute pièce jointe, peut contenir de 
l'information qui est confidentielle, régie par les droits 
d'auteur, ou interdite de divulgation. Tout examen, 
divulgation, retransmission, diffusion ou autres utilisations 
non autorisées de l'information ou dépendance non autorisée 
envers celle-ci peut être illégale et est strictement interdite.