Mailing List Archives Public Access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [condor-users] More condor / kerberos trouble.

Date: Mon, 24 May 2004 13:12:03 -0500
From: Zachary Miller <zmiller@xxxxxxxxxxx>
Subject: Re: [condor-users] More condor / kerberos trouble.

> Given that we need to move to kerberos authentication to allow Condor jobs 
> to access other machines, what is the best way to proceed? Prior to 
> submitting the job, the user can, if required, obtain a machine principal 
> of the type e898/e898/machine.fnal.gov@xxxxxxxx, but it's unclear what 
> Condor would do with this.

this would likely work.  condor assumes the user is everything up to the
first slash or '@' sign.  so in this case, it would assume e898, which would
match the output of `whoami` and would not result in the security violation
you encountered.

better and more flexible credential management is something we are actively
working on, but for now hopefully the above will work for you.


cheers,
-zach

Condor Support Information:
http://www.cs.wisc.edu/condor/condor-support/
To Unsubscribe, send mail to majordomo@xxxxxxxxxxx with
unsubscribe condor-users <your_email_address>

Follow-Ups:
- Re: [condor-users] More condor / kerberos trouble.
  - From: Chris Green

References:
- [condor-users] More condor / kerberos trouble.
  - From: Chris Green

Prev by Date: [condor-users] More condor / kerberos trouble.
Next by Date: Re: [condor-users] More condor / kerberos trouble.
Previous by thread: [condor-users] More condor / kerberos trouble.
Next by thread: Re: [condor-users] More condor / kerberos trouble.
Index(es):
- Date
- Thread

Mailing List Archives

Public Access

Re: [condor-users] More condor / kerberos trouble.