Mailing List Archives
Authenticated access
|
|
![[Computer Systems Lab]](http://www.cs.wisc.edu/pics/csl_logo.gif)
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Condor-users] about condor_store_cred add
- Date: Mon, 21 Sep 2009 11:38:22 -0500
- From: Todd Tannenbaum <tannenba@xxxxxxxxxxx>
- Subject: Re: [Condor-users] about condor_store_cred add
Tao.3.Chen@xxxxxxxxxxxxxxxxxxxxxxxxxxx wrote:
Hi,all
I am using condor 7.2.4, last Friday I changed the password, and then
today I found there is an authentication problem, I can neither submit
jobs nor run any jobs in the executor...After I checked the manual and
online, then I updated my password with condor_store_cred add, I think
now system partly works, but I got a little confused about the
authentication method, can anyone help me to answer following few
quesions? Thank you very much! (1) I saw from the dos command
reference, I need to use condor_store_cred add to update my password,
but in the manual I should use the condor_store_cred -c add, so what is
the difference?
The "-c" option is to set a password used for password-based
authentication of one Condor service to another. It is not used to
start processes as a submitting user.
A condor administrator who want to setup strong authentication across
Condor installation may use "condor_store_cred -c add" - see
http://www.cs.wisc.edu/condor/manual/v7.2/3_6Security.html#SECTION00463400000000000000
A user simply submitting jobs into Condor should just run
"condor_store_cred add".
(2) Should I only add credentials to submitter or both the submitter and
executer?
Typically uou only need to run condor_store_cred on the submitter.
(3) Actually, I have 2 submitter, and 2 executor machines in condor
system, but I only have access to 1 submitter and 1 executor(I install
the condor software with my user account),so when I changed my password,
shall I update it in both the submitter and executor? But howabout the
other 2 machines, according to what I found, there seems some credential
problem with another 2 PCs since I change my password(There should not
be any problem with another 2 PCs,because I did not change them and have
no access to config them)
You will either need to
1) re-reun condor_store_cred add on each submit host where you have
jobs submitted (no need to worry about submit hosts where you do not
submit jobs from)
or
2) setup your Condor environment to run the (optional) centralized
condor_credd service. by running this service, you can run
condor_store_cred once, and all machines in the pool that may need your
credential can securely fetch it as needed.
More info on all of this is in sections 6.2.3 and 6.2.4 of the Manual -
http://www.cs.wisc.edu/condor/manual/v7.2/6_2Microsoft_Windows.html#SECTION00723000000000000000
regards,
Todd