[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] Setting Condor Job Owner in Windows

Thanks Todd,

Your last suggestion finally worked! 
I used -n winxp-dev-01 option on the condor submit command and the job ran
(as SYSTEM).

Note that I did not use the setting +Owner = "diane"
because when I did use 'diane' it seemed to get hung checking things (with
run time increasing) and SchedLog contained:

10/4 12:10:22 (pid:2152) perm::init: Lookup Account Name diane failed
(err=1332), using Everyone
10/4 12:10:22 (pid:2152) perm::init: Lookup Account Name diane failed
(err=1332), using Everyone

I'll look at that some more but for now at least condor is working running

Also, I tried to set the creds for SYSTEM with a dummy pw as you suggest
below (from a SYSTEM cmd window), but the condor_store_cred command failed
because it couldn't find the host,
even though HOSTALLOW_WRITE=*.  I believe it's looking for SYSTEM@NT
AUTHORITY not WINXP-DEV-01.  Here is the exchange:

C:\WINDOWS\system32>\condor\bin\condor_store_cred add

Enter password:

Operation failed.
    Make sure your HOSTALLOW_WRITE setting includes this host.


I'll look at the above some more too, but setting that may not be necessary.

Thanks so much again,

-----Original Message-----
From: condor-users-bounces@xxxxxxxxxxx
[mailto:condor-users-bounces@xxxxxxxxxxx] On Behalf Of Todd Tannenbaum
Sent: Thursday, October 04, 2007 10:57 AM
To: Condor-Users Mail List
Subject: Re: [Condor-users] Setting Condor Job Owner in Windows

Diane wrote:
> Hi Todd,
> Your idea sounded great! However, I tried it without success (the job
> starts as SYSTEM even thought the condor.submit file say +Owner = "diane",
> and I had reconfigured condor to disable Queue access checks).  The job
> never gets into the queue and returns with condor.error:
> ERROR: No credential stored for SYSTEM@NT AUTHORITY
> 	Correct this by running:
> 	condor_store_cred add
> In hopes of figuring this out, I have included here the relevant parts of
> the condor logs (in particular SchedLog showing queue access checks
> disabled), and my condor.submit file. 
> If you have any insights that would be great.

Ok, the formula in my previous post tells you how to setup Condor so 
User A (in your case, SYSTEM) can submit a job as User B (diane).

What I failed to say is how to disable the (normally helpful) check that 
condor_submit makes to be certain a password is stored for the user 
running condor_submit.  After all, you don't care that SYSTEM does not 
have a password stored since the job will run as diane ... but 
condor_submit isn't smart enough to know that.

However, if you use the "-n <schedd-name>" argument to condor_submit, it 
will not do this "see if a password is stored" check.  So to get it to 
work, try

   condor_submit -n winxp-dev-01 Condor.submit

Another idea that may be even easier:  As user "SYSTEM", run
   condor_store_cred add
and just give it a bogus password.  Condor won't ever use it, but 
condor_submit will be happy when it looks to see that one is stored.
If you don't know how to open up a command window as user SYSTEM, see
which gives one way to do it (personally, i made a service that does it).

Good Luck!  Let me know how it goes...

If it helps, below is a screenshot of a successful test I did:



C:\temp\test>condor_submit -n tannenbaum-t23 test.sub
Submitting job(s).
1 job(s) submitted to cluster 37.


-- Submitter: tannenbaum-t23 : <> : tannenbaum-t23
   37.0   diane          10/4  15:41   0+00:00:00 H  0   9.8  test.sub

1 jobs; 0 idle, 0 running, 1 held

C:\temp\test>type test.sub
executable = test.sub
hold = true
+Owner = "diane"
universe = vanilla

Todd Tannenbaum                       University of Wisconsin-Madison
Condor Project Research               Department of Computer Sciences
tannenba@xxxxxxxxxxx                  1210 W. Dayton St. Rm #4257

Condor-users mailing list
To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting

The archives can be found at: