[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] SSL + windows

>  However when I run condor_submit I have in the SchedLog on Windows
> SetAttribute security violation: setting owner to "administrateur"
> when active owner is "ssl"

you will also need to set up the CERTIFICATE_MAPFILE in order to map
the ssl credentials to actual users.  here's the manual entry:

and here's an example:

FS (.*) \1
FS_REMOTE (.*) \1
SSL "^/DC=org/DC=doegrids/OU=People/CN=Zach Miller 139787$" zmiller@xxxxxxxxxxx
KERBEROS (.*) \1
NTSSPI (.*) \1
CLAIMTOBE (.*) nobody
PASSWORD (.*) \1

in the above example, you can see that it maps my subject name explicitly to
the user "zmiller@xxxxxxxxxxx".  you will want to map the name to the user who
is submitting the job.

as a side note, it seems you are submitting as the admin user.  i'd recommend
submitting as a regular user.