[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Condor-users] Questions on SEC_<context>_<feature> macros

Date: Thu, 17 Apr 2008 18:40:51 -0700 (PDT)
From: "Barnett P. Chiu" <thiaoouban@xxxxxxxxx>
Subject: [Condor-users] Questions on SEC_<context>_<feature> macros

Hi,

In the context of submitting jobs to a remote schedd, I noticed that SEC_DEFAULT_AUTHENTICATION_METHODS on both submit host and remote host (i.e. in the config_file that remote schedd is referencing) have to be exactly the same; otherwise, I would get the following error messages upon submission:

ERROR: Failed to connect to queue manager agrd0926_24240@xxxxxxxxxxxxxxxxxxxxx
AUTHENTICATE:1003:Failed to authenticate with any method
AUTHENTICATE:1004:Failed to authenticate using ...

Why is it designed so? Intuitively, if the SEC_ macro on submit host is defined to be, say, FS:

<submit host>
SEC_DEFAULT_AUTHENTICATION_METHODS = FS

And, even if the macro defined on the remote host is not exactly the same but is a "superset" of what's defined on submit host:

<remote host>
SEC_DEFAULT_AUTHENTICATION_METHODS = FS, REMOTE_FS, GSI

Shouldn't it be also working since they both provide file system authentication?

If the remote host doesn't define any SEC_ macros (i.e. all security features are not defined), then does it imply that the SEC_DEFAULT_AUTHENTICATION_METHODS on submit host should point to
FS, KERBEROS, GSI to allow schedd authentication process to work (since these three values are Condor's default if nothing is defined)?

Thank you,

~Barnett

Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.

Follow-Ups:
- Re: [Condor-users] Questions on SEC_<context>_<feature> macros
  - From: Jaime Frey

Prev by Date: Re: [Condor-users] Need help with 7.0.1
Next by Date: Re: [Condor-users] Need help with 7.0.1
Previous by thread: Re: [Condor-users] problem executing jar file
Next by thread: Re: [Condor-users] Questions on SEC_<context>_<feature> macros
Index(es):
- Date
- Thread