[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [HTCondor-users] help needed to troubleshoot a "SECMAN: FAILED" issue
- Date: Thu, 28 May 2020 15:29:44 +0100
- From: jcaballero.hep@xxxxxxxxx
- Subject: Re: [HTCondor-users] help needed to troubleshoot a "SECMAN: FAILED" issue
El jue., 28 may. 2020 a las 15:17, Jose Caballero
> I need some guidance here.
> I am trying to setup a testing Schedd and add it to an existing pool.
> It has the same configuration that the other Schedd's on production.
> However, there is a difference, my testing Schedd is on a host with a
> different domain name that the rest of the infrastructure. I feel that
> is part of the problem here.
> When I try to run condor_q remotely against the new test schedd, I get
> this in the SchedLog
> SECMAN: FAILED: Received "DENIED" from server for user
> condor_pool@<a_domain_name> using method PASSWORD.
> where the <a_domain_name> is the domain name of the production
> infrastructure, not the domain name of this testing schedd.
> Is that a problem?
> Extra info, let me know if there is something else I need to provide:
> # condor_config_val SEC_PASSWORD_FILE
> # ls -l /etc/condor/pool_password
> -r-------- 1 root root 256 May 28 13:22 /etc/condor/pool_password
> # rpm -qa | grep condor
> Thanks a lot in advance.
An extra piece of info.
>From the NegotiatorLog, replacing again real values by <foo>:
05/28/20 15:06:39 PERMISSION DENIED to condor_pool@<a_domain_name>
from host <the_schedd_ip> for command 421 (Reschedule), access level
DAEMON: reason: cached result for DAEMON; see first case for the full
05/28/20 15:06:39 DC_AUTHENTICATE: Command not authorized, done!