Mailing List Archives Public Access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] help needed to troubleshoot a "SECMAN: FAILED" issue

Date: Thu, 28 May 2020 15:29:44 +0100
From: jcaballero.hep@xxxxxxxxx
Subject: Re: [HTCondor-users] help needed to troubleshoot a "SECMAN: FAILED" issue

El jue., 28 may. 2020 a las 15:17, Jose Caballero
(<jcaballero.hep@xxxxxxxxx>) escribiÃ:
>
> Hi,
>
> I need some guidance here.
>
> I am trying to setup a testing Schedd and add it to an existing pool.
> It has the same configuration that the other Schedd's on production.
> However, there is a difference, my testing Schedd is on a host with a
> different domain name that the rest of the infrastructure. I feel that
> is part of the problem here.
>
> When I try to run condor_q remotely against the new test schedd, I get
> this in the SchedLog
>
> SECMAN: FAILED: Received "DENIED" from server for user
> condor_pool@<a_domain_name> using method PASSWORD.
>
> where the <a_domain_name> is the domain name of the production
> infrastructure, not the domain name of this testing schedd.
> Is that a problem?
>
> Extra info, let me know if there is something else I need to provide:
>
> ======================================
> # condor_config_val SEC_PASSWORD_FILE
> /etc/condor/pool_password
>
> # ls -l /etc/condor/pool_password
> -r-------- 1 root root 256 May 28 13:22 /etc/condor/pool_password
>
> # rpm -qa | grep condor
> condor-std-universe-8.6.13-1.el7.x86_64
> condor-8.6.13-1.el7.x86_64
> condor-procd-8.6.13-1.el7.x86_64
> condor-externals-8.6.13-1.el7.x86_64
> condor-external-libs-8.6.13-1.el7.x86_64
> condor-kbdd-8.6.13-1.el7.x86_64
> condor-cream-gahp-8.6.13-1.el7.x86_64
> condor-python-8.6.13-1.el7.x86_64
> condor-all-8.6.13-1.el7.x86_64
> condor-vm-gahp-8.6.13-1.el7.x86_64
> condor-bosco-8.6.13-1.el7.x86_64
> condor-classads-8.6.13-1.el7.x86_64
> ======================================
>
> Thanks a lot in advance.
> Cheers,
> Jose

An extra piece of info.
>From the NegotiatorLog, replacing again real values by <foo>:

======================================
05/28/20 15:06:39 PERMISSION DENIED to condor_pool@<a_domain_name>
from host <the_schedd_ip> for command 421 (Reschedule), access level
DAEMON: reason: cached result for DAEMON; see first case for the full
reason
05/28/20 15:06:39 DC_AUTHENTICATE: Command not authorized, done!
======================================

Follow-Ups:
- Re: [HTCondor-users] help needed to troubleshoot a "SECMAN: FAILED" issue
  - From: Mark Coatsworth

References:
- [HTCondor-users] help needed to troubleshoot a "SECMAN: FAILED" issue
  - From: jcaballero . hep

Prev by Date: [HTCondor-users] help needed to troubleshoot a "SECMAN: FAILED" issue
Next by Date: Re: [HTCondor-users] help needed to troubleshoot a "SECMAN: FAILED" issue
Previous by thread: [HTCondor-users] help needed to troubleshoot a "SECMAN: FAILED" issue
Next by thread: Re: [HTCondor-users] help needed to troubleshoot a "SECMAN: FAILED" issue
Index(es):
- Date
- Thread

Mailing List Archives

Public Access

Re: [HTCondor-users] help needed to troubleshoot a "SECMAN: FAILED" issue