On Thu, Mar 12, 2015 at 02:43:44PM +1300, jcalitz wrote:
Hi all
We have Linux, OSX and Windows machines in our condor pool. So far,
job submissions were done from a some OSX and Linux machines only, which
worked fine.
Trying to submit a job from a Windows machine(123.123.123.123) resulted
in this error message:
ERROR: Failed to connect to local queue manager
and in the schedd log file:
"authorization of 123.123.123.123 did not result in a valid mapped user
name, which is required for this command"
I presumed this points to our security mapfile mapping "condor" and
"admin" users only. We have the following security config entries
That's part of the reason.
SEC_CLIENT_AUTHENTICATION_METHODS = fs, ssl, password
The problem here is that now that you've added a Windows machine, your
list of methods the client can use doesn't include the default Windows
authentication mechanism, NTSSPI. I would set:
SEC_CLIENT_AUTHENTICATION_METHODS = fs, ntsspi, ssl, password
And you should be all set.
Longer answer: Behind the scenes, the Linux and OSX daemons include FS as a
default (and not NTSSPI), and Windows daemons include NTSSPI (and not FS).
Your client list can include as many as you like... the server will reconcile
the two lists, so there's no "danger" in including NTSSPI on Linux and FS on
Windows.
Cheers,
-zach
_______________________________________________
HTCondor-users mailing list
To unsubscribe, send a message to htcondor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/htcondor-users
The archives can be found at:
https://lists.cs.wisc.edu/archive/htcondor-users/
![[Computer Systems Lab]](https://www-auth.cs.wisc.edu/pics/csl_logo.gif){kind=logo}