Hi Greg,
I'm attempting to add another machine to my pool, and I'm having the
same problem. All previous comments apply, with the following new
discoveries added:
- when I log into the "problem machine" as myself, I can
successfully add/query credentials for myself as well as the other user
(owner of the machine). However, when the owner of the machine logs
into his machine, he gets the error shown below.
- when the user in question (owner of the new machine) logs into MY
machine, he CANNOT add/query any condor credentials (fails with the
same error as below).
- when the user in question logs into the central manager (also
runs the Credd), he can successfully add/query his condor credentials.
So the problem seems to be more or less isolated to the actual user,
rather than his machine. Are there any other debug hints
that you can provide?
Thanks,
Richard.
Richard Grieve wrote:
Hi Greg,
I believe the answer is yes to both questions. We are on Windows
domain environment - the user for which we are trying to add
credentials can log in to the domain on both his PC and on the
machine running the Credd. In fact, I've also tried adding my own
credentials on the problem PC, and it fails with the same error even
though I've successfully added my credentials to the rest of the PCs in
the pool. I believe it is related to the actual machine rather than
the user. In this pool, all PCs use identical config files
(independently copied to the local_dir). I have NOT yet tried
uninstall/reinstall on this machine.
Richard.
Greg Quinn wrote:
Richard Grieve wrote:
Hi,
I have a handful of PCs (all WinXP) in my pool, running 6.8.2. I having
problems with condor_store_cred on just one PC. All the others run
condor_store_cred just fine. All PCs (including the problem PC) have
the pool password set and are able to run jobs. Here is the output from
condor_store_cred add:
[user@computer]$ condor_store_cred add
Account: user@domain <mailto:dpeppy@AD3>
Enter password:
Operation failed.
Make sure your HOSTALLOW_WRITE setting includes this host.
...
3/8 16:15:10 AUTHENTICATE: will try to use 16 (NTSSPI)
3/8 16:15:10 sspi_server_auth() entered
3/8 16:15:10 sspi_server_auth() looping
3/8 16:15:10 sspi_server_auth(): Oops! ASC() returned -2146893044!
3/8 16:15:10 sspi_server_auth(): Failed to impersonate (returns
-2146893055)!
3/8 16:15:10 sspi_server_auth() exiting
3/8 16:15:10 AUTHENTICATE: method 16 (NTSSPI) failed.
Any help is appreciated.
It appears as though NTSSPI authentication is failing. Are you running a
Windows domain environment, with common accounts on all the involved
machines? If not, does the account for which you are trying to store a
password have the same username/password on both the "problem PC" and
the machine running the CredD?
If the answer is no to both these questions, NTSSPI authentication will
not work between two distinct machines.
Greg Quinn
Condor Team
_______________________________________________
Condor-users mailing list
To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/condor-users
The archives can be found at either
https://lists.cs.wisc.edu/archive/condor-users/
http://www.opencondor.org/spaces/viewmailarchive.action?key=CONDOR
_______________________________________________
Condor-users mailing list
To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/condor-users
The archives can be found at either
https://lists.cs.wisc.edu/archive/condor-users/
http://www.opencondor.org/spaces/viewmailarchive.action?key=CONDOR
|
![[Computer Systems Lab]](https://www-auth.cs.wisc.edu/pics/csl_logo.gif){kind=logo}