[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] CONDOR_CREDD daemon failed to authenticate




On Nov 10, 2008, at 7:31 AM, kschwarz@xxxxxxxxxxxxxx wrote:


Hi all,

I am trying to configure a CREDD_HOST to run jobs as owner on Windows executor machines.

The following macros were set in the condor_config.INTEL.WINNT51 file accessible to all Windows machines. These macros are recommended in the condor_config.local.credd file.

CREDD_HOST = PC205923.corp.ad.emb
STARTER_ALLOW_RUNAS_OWNER = True
CREDD_CACHE_LOCALLY = True
SEC_CLIENT_AUTHENTICATION_METHODS = NTSSPI, PASSWORD

Condor Central Manager was not changed (yet).

Hi Klaus,

So does this mean that the Central manager is not configured to use password authentication? That may be the problem here.

It might also be useful to see what you get in the CredLog when CRED_DEBUG = D_SECURITY. This will allow you to see more detail about why the authentication fails.

Cheers,

-Ian


On the PC205923 machine, we included the condor_config.local.credd file to configure this node as Credd host:. This file is as supplied in the c:\condor\etc.

The following is the CreddLog file:

11/10 09:33:46 ******************************************************
11/10 09:33:46 ** condor_credd.exe (CONDOR_CREDD) STARTING UP
11/10 09:33:46 ** C:\Condor\bin\condor_credd.exe
11/10 09:33:46 ** $CondorVersion: 7.0.4 Jul 16 2008 BuildID: 95033 $
11/10 09:33:46 ** $CondorPlatform: INTEL-WINNT50 $
11/10 09:33:46 ** PID = 2496
11/10 09:33:46 ** Log last touched time unavailable (No such file or directory)
11/10 09:33:46 ******************************************************
11/10 09:33:46 Using config source: C:\condor\condor_config
11/10 09:33:47 Using local config sources:
11/10 09:33:47    \\smbsjk01\grid_env\CONDOR\condor_config.1
11/10 09:33:47 \\smbsjk01\grid_env\CONDOR \condor_config.INTEL.WINNT51
11/10 09:33:47    \\smbsjk01\grid_env\CONDOR\condor_config.common
11/10 09:33:47 \\smbsjk01\grid_env\CONDOR \PC205923\condor_config.local 11/10 09:33:47 \\smbsjk01\grid_env\CONDOR \PC205923\condor_config.local.credd
11/10 09:33:47 DaemonCore: Command Socket at <10.3.28.196:9620>
11/10 09:33:47 main_init() called
11/10 09:33:48 ZKM: setting default map to (null)
11/10 09:33:48 Calling Handler <<10.3.29.209:9618>>
11/10 09:33:48 AUTHENTICATE: no available authentication methods succeeded, failing! 11/10 09:33:48 ERROR: SECMAN:2004:Failed to start a session to <10.3.29.209:9618> with TCP|AUTHENTICATE:1003:Failed to authenticate with any method 11/10 09:33:48 Failed to start non-blocking update to <10.3.29.209:9618>.
11/10 09:33:48 Return from Handler <<10.3.29.209:9618>>

The IP address 10.3.29.209 corresponds to the PC222771 hostname that is our Condor Central Manager running on Linux. User account in Windows and Linux are not the same.

All executor hosts are Windows based machines. Condor_Credd is started on PC205923 (also Windows based).

Could someone give me directions to fix this?

Klaus

--
===================================
Ian D. Alderman
cell: 608.217.9959
main: 888.292.5320

Cycle Computing, LLC
Leader in Condor Grid Solutions
Enterprise Condor Support and Management Tools