Mailing List ArchivesPublic Access |
![[Computer Systems Lab]](https://www-auth.cs.wisc.edu/pics/csl_logo.gif){kind=logo}
|
Mailing List ArchivesPublic Access |
|
On one of our machines, <first-machine-name> (Windows 7, 64-bit, condor 7.4.1), condor_q -global fails with the following error: -- Failed to fetch ads from: <10.1.2.22:9686> : <second-machine-name> When looking at the SchedLog on <second-machine-name> (Windows XP, 32-bit, condor 7.4.1) I find: 05/03 17:29:53 (pid:4144) PERMISSION DENIED to unauthenticated user from host 10.1.2.143 for command 1111 (QMGMT_CMD), access level READ: reason: READ authorization policy contains no matching ALLOW entry for this request; identifiers used for this host: 10.1.2.143,<first-machine-name> and: 05/03 18:12:04 (pid:4144) PERMISSION DENIED to unauthenticated user from host 10.1.2.143 for command 1111 (QMGMT_CMD), access level READ: reason: cached result for READ; see first case for the full reason Both <first-machine-name> and <second-machine-name> have ALLOW_READ/WRITE = *.<our-domain-name>. The curious thing is that in the first message of the SchedLog from <second-machine-name>, the <first-machine-name> does not contain <our-domain-name>. I think that changing ALLOW_READ/WRITE to be "*" would solve the problem, but I would rather not do that. We have other similarly configured machines that appear to be OK. |