[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] about condor_store_cred add

Tao.3.Chen@xxxxxxxxxxxxxxxxxxxxxxxxxxx wrote:

I am using condor 7.2.4, last Friday I changed the password, and then today I found there is an authentication problem, I can neither submit jobs nor run any jobs in the executor...After I checked the manual and online, then I updated my password with condor_store_cred add, I think now system partly works, but I got a little confused about the authentication method, can anyone help me to answer following few quesions? Thank you very much! (1) I saw from the dos command reference, I need to use condor_store_cred add to update my password, but in the manual I should use the condor_store_cred -c add, so what is the difference?

The "-c" option is to set a password used for password-based authentication of one Condor service to another. It is not used to start processes as a submitting user.

A condor administrator who want to setup strong authentication across Condor installation may use "condor_store_cred -c add" - see

A user simply submitting jobs into Condor should just run "condor_store_cred add".

(2) Should I only add credentials to submitter or both the submitter and executer?

Typically uou only need to run condor_store_cred on the submitter.

(3) Actually, I have 2 submitter, and 2 executor machines in condor system, but I only have access to 1 submitter and 1 executor(I install the condor software with my user account),so when I changed my password, shall I update it in both the submitter and executor? But howabout the other 2 machines, according to what I found, there seems some credential problem with another 2 PCs since I change my password(There should not be any problem with another 2 PCs,because I did not change them and have no access to config them)

You will either need to
1) re-reun condor_store_cred add on each submit host where you have jobs submitted (no need to worry about submit hosts where you do not submit jobs from)


2) setup your Condor environment to run the (optional) centralized condor_credd service. by running this service, you can run condor_store_cred once, and all machines in the pool that may need your credential can securely fetch it as needed.

More info on all of this is in sections 6.2.3 and 6.2.4 of the Manual -