[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Condor-users] GSI authentication succeeds but authorization fails
- Date: Tue, 25 Sep 2007 14:49:34 -0500
- From: Scott Koranda <skoranda@xxxxxxxxxxxxxxxxxxxx>
- Subject: Re: [Condor-users] GSI authentication succeeds but authorization fails
> > Why am I not authorized?
> the log shows you are being mapped to skoranda@xxxxxxxxxxxxxxxxxxxxxxx while
> the allow list has:
> ALLOW_READ = skoranda@xxxxxxxxxxxx/ldg-portal.phys.uwm.edu
> basically, your authz rule is missing the 'ldg-portal' on the left hand side
> of the slash.
> i think you meant to write:
> ALLOW_READ = skoranda@xxxxxxxxxxxxxxxxxxxxxxx/ldg-portal.phys.uwm.edu
I don't understand.
The manual indicates that the form is
"Each macro is defined by a comma-separated list of fully
qualified users. Each fully qualified user is described using
the following format:
The information to the left of the slash character describes a
user within a domain. The information to the right of the
slash character describes one or more machines from which the
user would be issuing a command. This host name may take the
form of either a fully qualified host name of the form
or an IP address of the form
An example is
How does skoranda@xxxxxxxxxxxx/ldg-portal.phys.uwm.edu differ
from zmiller@xxxxxxxxxxx/bird.cs.wisc.edu ?
> Condor-users mailing list
> To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
> subject: Unsubscribe
> You can also unsubscribe by visiting
> The archives can be found at: