Mailing List Archives
Public Access
|
|
![[Computer Systems Lab]](https://www-auth.cs.wisc.edu/pics/csl_logo.gif)
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Condor-users] condor_store_cred failing
I had setup credd for run-as-owner purposes with the
following lines in the submit/exec machines:
STARTER_ALLOW_RUNAS_OWNER = True
CREDD_CACHE_LOCALLY = True
SEC_CLIENT_AUTHENTICATION_METHODS = NTSSPI,
PASSWORD
ALLOW_CONFIG = $(CONDOR_HOST),
$(FULL_HOSTNAME)
SEC_CONFIG_NEGOTIATION = REQUIRED
SEC_CONFIG_AUTHENTICATION = REQUIRED
SEC_CONFIG_ENCRYPTION = REQUIRED
SEC_CONFIG_INTEGRITY = REQUIRED
and I
used the example local.credd config on the master, with fields filled in as
appropriate. Credd was working quite happily. In the process of
debugging this particular issue, I commented out all of the above except
ALLOW_CONFIG on my submit machine (the CREDD_CACHE_LOCALLY worried me) and
removed all the credd stuff from the master's config but it still doesn't let me
store_cred.
I
(when setting up credd) managed to successfully set the pool password on all
machines and I was successfully running jobs as owner on all the exec
machines. Of course, I had done the store_cred add thing on my submit
machine before making the credd-related changes to the
configs.
thanks...
What is your security configuration method setting? For example, are you
using something similar to SEC_DEFAULT_AUTHENTICATION_METHODS =
NTSSPI?
You might not have the cred set up inappropriately as well (look
at C:\Condor\etc\condor_config.local.credd as a template).
Mike
-----condor-users-bounces@xxxxxxxxxxx wrote:
-----
To:
"'Condor-Users Mail List'" <condor-users@xxxxxxxxxxx>
From: William
Brodie-Tyrrell <William.Brodie-Tyrrell@xxxxxxxxxxxxxxxx>
Sent by:
condor-users-bounces@xxxxxxxxxxx
Date: 08/23/2010 10:20PM
Subject:
[Condor-users] condor_store_cred failing
Hi all,
more (hopefully
stupid) questions... I've had condor working for a month or
so now on Windows and tried to install a new submit machine today.
When running condor_store_cred add, it tells me "Operation failed. Make
sure your ALLOW_WRITE setting includes this host". I had this in the
config:
ALLOW_WRITE =
$(CONDOR_HOST), $(FULL_HOSTNAME)
and changed it to
ALLOW_WRITE = *
but it's still
giving me the same error. More disturbingly, it's now giving the error
on the machine where I had previously run this command successfully. I
can't find anything in the logs saying that there has been a
failed attempt to store a password. It also fails on store_cred
query.
any ideas?
--
William Brodie-Tyrrell,
B.E, Ph.D
Systems
Engineer
Modelling & Analysis
Direct + 61 8 8343 3376
william.brodie-tyrrell@xxxxxxxxxxxxxxxx
Saab Systems
21 Third Avenue, Mawson Lakes
SA 5095
Australia
www.saabsystems.com.au
------------------------
This e-mail is private and
confidential between the sender and the addressee.
In the event of misdirection, the
recipient is prohibited from using, copying or
disseminating it or any information
in it. Please notify the above if any misdirection
_______________________________________________
Condor-users mailing
list
To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx
with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/condor-users
The
archives can be found at:
https://lists.cs.wisc.edu/archive/condor-users/