Mailing List Archives Public Access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] Setting Condor Job Owner in Windows

Date: Thu, 4 Oct 2007 12:30:02 -1000
From: "Diane" <diane@xxxxxxxxxxxxxxxxxx>
Subject: Re: [Condor-users] Setting Condor Job Owner in Windows

Thanks Todd,

Your last suggestion finally worked! 
I used -n winxp-dev-01 option on the condor submit command and the job ran
(as SYSTEM).

Note that I did not use the setting +Owner = "diane"
because when I did use 'diane' it seemed to get hung checking things (with
run time increasing) and SchedLog contained:

10/4 12:10:22 (pid:2152) perm::init: Lookup Account Name diane failed
(err=1332), using Everyone
10/4 12:10:22 (pid:2152) perm::init: Lookup Account Name diane failed
(err=1332), using Everyone

I'll look at that some more but for now at least condor is working running
as SYSTEM.

Also, I tried to set the creds for SYSTEM with a dummy pw as you suggest
below (from a SYSTEM cmd window), but the condor_store_cred command failed
because it couldn't find the host,
even though HOSTALLOW_WRITE=*.  I believe it's looking for SYSTEM@NT
AUTHORITY not WINXP-DEV-01.  Here is the exchange:

C:\WINDOWS\system32>\condor\bin\condor_store_cred add
Account: SYSTEM@NT AUTHORITY

Enter password:

Operation failed.
    Make sure your HOSTALLOW_WRITE setting includes this host.

C:\WINDOWS\system32>

I'll look at the above some more too, but setting that may not be necessary.

Thanks so much again,
Diane

-----Original Message-----
From: condor-users-bounces@xxxxxxxxxxx
[mailto:condor-users-bounces@xxxxxxxxxxx] On Behalf Of Todd Tannenbaum
Sent: Thursday, October 04, 2007 10:57 AM
To: Condor-Users Mail List
Subject: Re: [Condor-users] Setting Condor Job Owner in Windows

Diane wrote:
> Hi Todd,
> 
> Your idea sounded great! However, I tried it without success (the job
still
> starts as SYSTEM even thought the condor.submit file say +Owner = "diane",
> and I had reconfigured condor to disable Queue access checks).  The job
> never gets into the queue and returns with condor.error:
> 
> ERROR: No credential stored for SYSTEM@NT AUTHORITY
> 
> 	Correct this by running:
> 	condor_store_cred add
> 
> In hopes of figuring this out, I have included here the relevant parts of
> the condor logs (in particular SchedLog showing queue access checks
> disabled), and my condor.submit file. 
> 
> If you have any insights that would be great.

Ok, the formula in my previous post tells you how to setup Condor so 
User A (in your case, SYSTEM) can submit a job as User B (diane).

What I failed to say is how to disable the (normally helpful) check that 
condor_submit makes to be certain a password is stored for the user 
running condor_submit.  After all, you don't care that SYSTEM does not 
have a password stored since the job will run as diane ... but 
condor_submit isn't smart enough to know that.

However, if you use the "-n <schedd-name>" argument to condor_submit, it 
will not do this "see if a password is stored" check.  So to get it to 
work, try

   condor_submit -n winxp-dev-01 Condor.submit

Another idea that may be even easier:  As user "SYSTEM", run
   condor_store_cred add
and just give it a bogus password.  Condor won't ever use it, but 
condor_submit will be happy when it looks to see that one is stored.
If you don't know how to open up a command window as user SYSTEM, see
   http://blogs.msdn.com/adioltean/articles/271063.aspx
which gives one way to do it (personally, i made a service that does it).

Good Luck!  Let me know how it goes...

If it helps, below is a screenshot of a successful test I did:

C:\temp\test>whoami
SYSTEM

C:\temp\test>hostname
tannenbaum-t23

C:\temp\test>condor_submit -n tannenbaum-t23 test.sub
Submitting job(s).
1 job(s) submitted to cluster 37.

C:\temp\test>condor_q

-- Submitter: tannenbaum-t23 : <127.0.0.1:1357> : tannenbaum-t23
  ID      OWNER            SUBMITTED     RUN_TIME ST PRI SIZE CMD
   37.0   diane          10/4  15:41   0+00:00:00 H  0   9.8  test.sub

1 jobs; 0 idle, 0 running, 1 held

C:\temp\test>type test.sub
executable = test.sub
hold = true
+Owner = "diane"
universe = vanilla
queue

-- 
Todd Tannenbaum                       University of Wisconsin-Madison
Condor Project Research               Department of Computer Sciences
tannenba@xxxxxxxxxxx                  1210 W. Dayton St. Rm #4257

_______________________________________________
Condor-users mailing list
To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/condor-users

The archives can be found at: 
https://lists.cs.wisc.edu/archive/condor-users/

Follow-Ups:
- Re: [Condor-users] Setting Condor Job Owner in Windows
  - From: diane

References:
- [Condor-users] Setting Condor Job Owner in Windows
  - From: Diane
- Re: [Condor-users] Setting Condor Job Owner in Windows
  - From: Ben Burnett
- Re: [Condor-users] Setting Condor Job Owner in Windows
  - From: Diane
- Re: [Condor-users] Setting Condor Job Owner in Windows
  - From: Todd Tannenbaum
- Re: [Condor-users] Setting Condor Job Owner in Windows
  - From: Ben Burnett
- Re: [Condor-users] Setting Condor Job Owner in Windows
  - From: Todd Tannenbaum
- Re: [Condor-users] Setting Condor Job Owner in Windows
  - From: Diane
- Re: [Condor-users] Setting Condor Job Owner in Windows
  - From: Todd Tannenbaum

Prev by Date: Re: [Condor-users] Setting Condor Job Owner in Windows
Next by Date: Re: [Condor-users] Condor_q hanging with SOAP
Previous by thread: Re: [Condor-users] Setting Condor Job Owner in Windows
Next by thread: Re: [Condor-users] Setting Condor Job Owner in Windows
Index(es):
- Date
- Thread

Mailing List Archives

Public Access

Re: [Condor-users] Setting Condor Job Owner in Windows