Re: [HTCondor-users] Making a fully qualified user gain submit access map to a non-fully qualified user as HTCondor sees them

[Willam Taylor <wmtaylor@xxxxxxxx>]

Hey zach! :-)

whoami returns the @ fully qualified domain user

Would greatly appreciate a solution. This submit node has been 
progressing through UW Health request processes for probably 9-10 
months. It would be great to have a solution as UW Health and their use 
of accounts via active directory will not change. Our researcher is 
currently working via a CHTC submit node but our will have access to a 
very large SAN providing redundant storage. Also this researcher 
collects many terabytes of cancer data yearly(>6 Terabytes/year) and we 
need them to have deep disk space pockets.

So a solution is needed but it does not need to be instant. Soon is good 
enough.

bt

Bill Taylor  voip 608-261-1478 (cell 608-219-4430)
Infrastructural Technologies
Informatics System Specialist
Biomedical Informatics Core
UW ICTR

On 3/7/2018 11:16 AM, Zach Miller wrote:
> Hi Bill,
>
> Let me guess... this is an Active Directory environment?
>
> When you type 'whoami' at the command line, do you get a simple username, or something containing an '@' sign?
>
> If it's the latter, this is a problem.  HTCondor doesn't currently handle usernames with an '@' in them because of some assumptions it makes.
>
> It's something I'm aware of and was actually going to spend some time on Thursday looking into for a possible hack/workaround.  I'll let you know if I have any success there.
>
>
> Cheers,
> -zach
>
>
> > -----Original Message-----
> > From: HTCondor-users [mailto:htcondor-users-bounces@xxxxxxxxxxx] On Behalf
> > Of Willam Taylor
> > Sent: Wednesday, March 07, 2018 9:24 AM
> > To: htcondor-users@xxxxxxxxxxx
> > Subject: [HTCondor-users] Making a fully qualified user gain submit access
> > map to a non-fully qualified user as HTCondor sees them
> >
> > Logon and file permissions are xxxxxxxx@xxxxxxxxx but HTCondor fails
> > because it wants the owner to be xxxxxxx which is not a valid user.
> >
> > I have set a GSI_DAEMON_DIRECTORY and have placed a grid-mapfile there
> > but the suggested entry does not seem to work:
> >
> > /*/\0@xxxxxxxxxxxxxxxxxxx
> >
> > I am failing to find examples for a case like this.
> >
> > Thanks in advance
> >
> > --
> >
> > Bill Taylor  voip 608-261-1478 (cell 608-219-4430)
> > Infrastructural Technologies
> > Informatics System Specialist
> > Biomedical Informatics Core
> > UW ICTR
> >
> > _______________________________________________
> > HTCondor-users mailing list
> > To unsubscribe, send a message to htcondor-users-request@xxxxxxxxxxx with a
> > subject: Unsubscribe
> > You can also unsubscribe by visiting
> > https://lists.cs.wisc.edu/mailman/listinfo/htcondor-users
> >
> > The archives can be found at:
> > https://lists.cs.wisc.edu/archive/htcondor-users/
> _______________________________________________
> HTCondor-users mailing list
> To unsubscribe, send a message to htcondor-users-request@xxxxxxxxxxx with a
> subject: Unsubscribe
> You can also unsubscribe by visiting
> https://lists.cs.wisc.edu/mailman/listinfo/htcondor-users
>
> The archives can be found at:
> https://lists.cs.wisc.edu/archive/htcondor-users/