[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] CREDD - Can't find address for credd host5.domain




Tamesgen,

I did a condor_reconfig -all as stated in the documentation, after entering the password in all the machines.
Just in case I have restarted all machines and the problem persists.

I think we need first solve the problem of getting the message that says the CREDD machine could not be found

04/07 12:40:50 Can't find address for credd host5.domain

and then HOST6 will be comunicating with HOST5 (CREDD_HOST) to see if the password is set or not and see PERMISSION GRANTED messages in the CreddLog in HOST5.

Am I correct?

Klaus




Temesgen T Tarefe <ttarefe@xxxxxxxxxx>
Sent by: condor-users-bounces@xxxxxxxxxxx

07/04/2011 11:57

Please respond to
Condor-Users Mail List <condor-users@xxxxxxxxxxx>

To
Condor-Users Mail List <condor-users@xxxxxxxxxxx>
cc
Subject
Re: [Condor-users] CREDD - Can't find address for credd host5.domain





Did you restart condor service after you saved the pool password?

----- Original Message -----
From: kschwarz@xxxxxxxxxxxxxx
To: "Condor-Users Mail List" <condor-users@xxxxxxxxxxx>
Sent: Thursday, April 7, 2011 10:25:16 AM
Subject: Re: [Condor-users] CREDD - Can't find address for credd host5.domain



Mike,

As I got this problem, I logged on each machine and have saved the Pool Password.

C:\Documents and Settings\kschwarz>condor_store_cred -c add
Account: condor_pool@domain

Enter password:

Operation succeeded.

C:\Documents and Settings\kschwarz>


The error message persists:

04/07 11:23:04 Can't find address for credd host5.domain

Klaus




"Michael O'Donnell" <odonnellm@xxxxxxxx>
Sent by: condor-users-bounces@xxxxxxxxxxx

07/04/2011 10:40
Please respond to
Condor-Users Mail List <condor-users@xxxxxxxxxxx>
               
To                  Condor-Users Mail List <condor-users@xxxxxxxxxxx>

cc                  

Subject                  Re: [Condor-users] CREDD - Can't find address for credd host5.domain
               




Have you stored the pool password on host 6. The UNDEF means there is no stored pool password.

condor_store_cred -c -n HOST6 -p Pool_pwd add

This needs to be executed on a machine with a SCHEDD, but you can read the manual for more specific information.

mike




From:                  kschwarz@xxxxxxxxxxxxxx
To:                  condor-users@xxxxxxxxxxx
Date:                  04/07/2011 07:17 AM
Subject:                  [Condor-users] CREDD - Can't find address for credd host5.domain
Sent by:                  condor-users-bounces@xxxxxxxxxxx






Hi,

I am using condor 7.4.4, and am trying to setup a CREDD in a pool of Windows machines (of three machines).
Central manager is setup on one machine (HOST3), CREDD is being configured on another machine (HOST5).
HOST5 is also a submit and execute host (during this access problem investigation only).
HOST6 is a submit and executor machine.

CREDD settings are:

for the whole pool:

####################################################################
## CREDD client settings
####################################################################
CREDD_HOST = host5
LOCAL_CREDD = host5
STARTER_ALLOW_RUNAS_OWNER = True
CREDD_CACHE_LOCALLY = True
##
## You'll also need to ensure that clients are configured to use
## PASSWORD authentication on any machine that can run jobs as the
## submitting user. For example,
##
SEC_CLIENT_AUTHENTICATION_METHODS = NTSSPI, PASSWORD
##
## And finally, you'll need to enable CONFIG-level access for all
## machines in the pool so that the pool password can be stored:
##
ALLOW_CONFIG = kschwarz@*, KSCHWARZ@*
SEC_CONFIG_NEGOTIATION = REQUIRED
SEC_CONFIG_AUTHENTICATION = REQUIRED
SEC_CONFIG_ENCRYPTION = REQUIRED
SEC_CONFIG_INTEGRITY = REQUIRED
#Domain name without wildcard in the beginning
UID_DOMAIN = domain


for the CREDD on HOST5 (in addition to the client setting above): Exactly the content of condor_config.local.credd as found in the condor distribution.

Looking in the CreddLog in HOST5, I find PERMISSION GRANTED messages for HOST5, but not for the other hosts (host6, for instance):

04/07 09:22:58 PERMISSION GRANTED to condor_pool@domain from host 10.13.4.184 for command 81100 (CREDD_NOP), access level DAEMON: reason: DAEMON authorization policy allows IP address 10.13.4.184; identifiers used for this remote host: 10.13.4.184,HOST5.domain

Note: 10.13.4.184 is the IP address of HOST5.domain (the Credd host).

Running the following command (as in Condor Manual) to check if credd is defined on the hosts:

C:\TEMP> condor_status -f "%-15s\t" Name -f "%s\n" ifThenElse(isUndefined(LocalCredd),\"UNDEF\",LocalCredd)
HOST5.domain           host5
HOST6.domain           UNDEF


Looking in the StartLog in HOST6, I have found the error message:

04/07 09:27:40 Can't find address for credd host5.domain

I have tried opening all permission to see if it fix the problem without success.

Any idea of what is preventing HOST6 to find HOST5?

Thanks,
Klaus

This message is intended solely for the use of its addressee and may contain privileged or confidential information. All information contained herein shall be treated as confidential and shall not be disclosed to any third party without Embraer’s prior written approval. If you are not the addressee you should not distribute, copy or file this message. In this case, please notify the sender and destroy its contents immediately.
Esta mensagem é para uso exclusivo de seu destinatário e pode conter informações privilegiadas e confidenciais. Todas as informações aqui contidas devem ser tratadas como confidenciais e não devem ser divulgadas a terceiros sem o prévio consentimento por escrito da Embraer. Se você não é o destinatário não deve distribuir, copiar ou arquivar a mensagem. Neste caso, por favor, notifique o remetente da mesma e destrua imediatamente a mensagem. _______________________________________________
Condor-users mailing list
To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/condor-users

The archives can be found at:
https://lists.cs.wisc.edu/archive/condor-users/

_______________________________________________
Condor-users mailing list
To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/condor-users

The archives can be found at:
https://lists.cs.wisc.edu/archive/condor-users/



This message is intended solely for the use of its addressee and may contain privileged or confidential information. All information contained herein shall be treated as confidential and shall not be disclosed to any third party without Embraer’s prior written approval. If you are not the addressee you should not distribute, copy or file this message. In this case, please notify the sender and destroy its contents immediately.
Esta mensagem é para uso exclusivo de seu destinatário e pode conter informações privilegiadas e confidenciais. Todas as informações aqui contidas devem ser tratadas como confidenciais e não devem ser divulgadas a terceiros sem o prévio consentimento por escrito da Embraer. Se você não é o destinatário não deve distribuir, copiar ou arquivar a mensagem. Neste caso, por favor, notifique o remetente da mesma e destrua imediatamente a mensagem.
_______________________________________________
Condor-users mailing list
To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/condor-users

The archives can be found at:
https://lists.cs.wisc.edu/archive/condor-users/
_______________________________________________
Condor-users mailing list
To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/condor-users

The archives can be found at:
https://lists.cs.wisc.edu/archive/condor-users/



This message is intended solely for the use of its addressee and may contain privileged or confidential information. All information contained herein shall be treated as confidential and shall not be disclosed to any third party without Embraer’s prior written approval. If you are not the addressee you should not distribute, copy or file this message. In this case, please notify the sender and destroy its contents immediately.
Esta mensagem é para uso exclusivo de seu destinatário e pode conter informações privilegiadas e confidenciais. Todas as informações aqui contidas devem ser tratadas como confidenciais e não devem ser divulgadas a terceiros sem o prévio consentimento por escrito da Embraer. Se você não é o destinatário não deve distribuir, copiar ou arquivar a mensagem. Neste caso, por favor, notifique o remetente da mesma e destrua imediatamente a mensagem.

This message is intended solely for the use of its addressee and may contain privileged or confidential information. All information contained herein shall be treated as confidential and shall not be disclosed to any third party without Embraer’s prior written approval. If you are not the addressee you should not distribute, copy or file this message. In this case, please notify the sender and destroy its contents immediately.
Esta mensagem é para uso exclusivo de seu destinatário e pode conter informações privilegiadas e confidenciais. Todas as informações aqui contidas devem ser tratadas como confidenciais e não devem ser divulgadas a terceiros sem o prévio consentimento por escrito da Embraer. Se você não é o destinatário não deve distribuir, copiar ou arquivar a mensagem. Neste caso, por favor, notifique o remetente da mesma e destrua imediatamente a mensagem.