Mailing List ArchivesPublic Access |
![[Computer Systems Lab]](https://www-auth.cs.wisc.edu/pics/csl_logo.gif){kind=logo}
|
Mailing List ArchivesPublic Access |
|
> -----Original Message-----
> From: HTCondor-users [mailto:htcondor-users-bounces@xxxxxxxxxxx] On Behalf
> Of Durnan, Andy
> Sent: Friday, October 02, 2015 8:47 AM
> To: htcondor-users@xxxxxxxxxxx
> Subject: [HTCondor-users] HTCondor with smartcard logon
>
> Hello,
>
> All job submissions go idle when smartcard authentication is enforced. I've
> implemented credd per the guidance in the 8.4.0 manual to no avail.
The high-level issue here is that in order to run jobs on the execute machines as a specific user, HTCondor needs to "log in" as that user on the execute machine before running the job.
When you are requiring smartcard logon, HTCondor can no longer do that, even if you have stored the password using the CredD.
One option is to run the jobs as either "nobody" users or "slot users". Check out this section:
 http://research.cs.wisc.edu/htcondor/manual/v8.4/7_2Microsoft_Windows.html
And this one:
 http://research.cs.wisc.edu/htcondor/manual/v8.4/3_3Configuration.html#21746
Basically, if you'll require smartcard logon, jobs will not be allowed to run as their owner. This is normally the default on Windows, so have you changed settings such as STARTER_ALLOW_RUNAS_OWNER?
Cheers,
-zach
_______________________________________________
HTCondor-users mailing list
To unsubscribe, send a message to htcondor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/htcondor-users
The archives can be found at:
https://lists.cs.wisc.edu/archive/htcondor-users/