[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] Commands '10' & '49' + LDAP server



Hi Todd,

	thanks, but having only ONE Collector and ONE Negotiator running in my
pool makes things work properly. :-) (see my previous post)
Obviously I put the wrong 'config' file in my cfengine directory, so
that it was errorneously distributed to all my clients...

Nevertheless I'd like to thank you and Erik again for the quick replies,
	Ralf








Todd Tannenbaum schrieb:
> Ralf Auer wrote:
>> ---------------------------------------------------------------------
>> 5/6 21:39:11 DaemonCore: PERMISSION DENIED to unknown user from host
>> <xxx.xxx.xxx.xxx:9168> for command 10 (QUERY_STARTD_PVT_ADS)
>> 5/6 21:39:11 DaemonCore: PERMISSION DENIED to unknown user from host
>> <xxx.xxx.xxx.xxx:9482> for command 49 (UPDATE_NEGOTIATOR_AD)
>> 5/6 21:39:57 (Sending 119 ads in response to query)
>> 5/6 21:39:58 Got QUERY_STARTD_PVT_ADS
>> 5/6 21:39:58 (Sending 58 ads in response to query)
>> 5/6 21:40:06 Accumulating data: Time=1178480406
>> 5/6 21:41:06 Accumulating data: Time=1178480466
>> 5/6 21:41:07 NegotiatorAd  : Inserting ** "< servername_goes_here >"
>> ---------------------------------------------------------------------
>>
>> I can find these errors for all of my Clients. I have set the
>> HOST_ALLOW_READ & HOST_ALLOW_WRITE in the global config-file correctly
> 
> Could it just be spelling?  The proper settings are HOSTALLOW_READ etc,
> not HOST_ALLOW_READ (note the number of underscores).
> 
> One of the errors above is for updating the negotiator ad.  Actually, 
> both of those errors are relating to denying access to the 
> condor_negotiator process.  What is your setting for 
> HOSTALLOW_NEGOTIATOR ?  It should be set to be whatever machine is 
> running your central manager.  If it is, then in the above error 
> snippet, are the IP addresses those of your central manager?  If not, 
> then you are running another instance of the condor_negotiator on 
> another machine!!!! (good thing the collector isn't accepting it!).
> 
> Also, do you have any ALLOW_READ/ALLOW_WRITE settings (note absence of
> "host") settings?
> 
> To eliminate possibilities of reverse-lookup with LDAP etc, try using IP
> addresses instead of hostnames, e.g. maybe
>    HOSTALLOW_WRITE = 144.92.*, 155.22.*
> instead of
>    HOSTALLOW_WRITE = *.mydomain.com
> 
> Just some initial thoughts, hope they help.
> Todd
> 
> 
> _______________________________________________
> Condor-users mailing list
> To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
> subject: Unsubscribe
> You can also unsubscribe by visiting
> https://lists.cs.wisc.edu/mailman/listinfo/condor-users
> 
> The archives can be found at either
> https://lists.cs.wisc.edu/archive/condor-users/
> http://www.opencondor.org/spaces/viewmailarchive.action?key=CONDOR

-- 

Ralf Auer	
Physics Institute IV			Office: 2.137
University of Erlangen-Nuremberg	Phone:	+49-9131-8527087
Erwin-Rommel-Str. 1			Fax:	+49-9131-15249
D-91058 Erlangen, Germany		Ralf.Auer@xxxxxxxxxxxxxxxxxxxxxx