Mailing List ArchivesAuthenticated access |
![[Computer Systems Lab]](http://www.cs.wisc.edu/pics/csl_logo.gif){kind=logo}
|
Mailing List ArchivesAuthenticated access |
|
|
NTSSPI should work, and you donât need to maintain a separate password for each user (i.e. different from their normal password). But they do have to store their normal password
by running âcondor_store_credâ before submitting jobs. It is possible to set up AD which as you surmised is the âKERBEROSâ method in this context, but that is more work for the admin whereas NTSSPI should just work out of the box. For
KERBEROS, each user needs their own principal (which should show up if they run klist from the command line) and each daemon also needs a service principal, something like âcondor/hostname.foo.com@xxxxxxxâ. Cheers, -zach
-----Original Message----- Hi, what would be the recommended authentication method for HTCondor in a Windows-only environment in which user credentials are managed using an Active Directory? The docs (6.2.5) list NTSSPI, PASSWORD - both of which seem to be in general suitable for Windows (https://indico.cern.ch/event/272794/contributions/614951/attachments/490442/677972/HTCondor-Security-Overview.pptx).
What would be the easiest way to handle authentication without a separate Condor password for the users to keep, i.e. using their ActiveDirectory account? Would that be the KERBEROS method? Thanks, Finn Finn Bastiansen | Effect Modelling and Statistics Rifcon GmbH | GoldbeckstraÃe 13 | 69493 Hirschberg T. +49 6201 84528-24 | Fax: +49 (0)6201 8452899 Finn.Bastiansen@xxxxxxxxx | www.rifcon.de <http://www.rifcon.de> -----UrsprÃngliche Nachricht----- Von: HTCondor-users <htcondor-users-bounces@xxxxxxxxxxx> Im Auftrag von Finn Bastiansen Gesendet: Dienstag, 20. Oktober 2020 11:47 An: HTCondor-Users Mail List <htcondor-users@xxxxxxxxxxx> Betreff: Re: [HTCondor-users] Beginner's question regarding HTCondor basic setup Dear Zach, thanks for your help and sorry for the late response; I didn't have time to work on this topic before. Using your help submission works now, or rather, I am running into the credentials issue you already mentioned,
but I will try to solve it using the docs first. Thanks again, Finn Finn Bastiansen | Effect Modelling and Statistics Rifcon GmbH | GoldbeckstraÃe 13 | 69493 Hirschberg T. +49 6201 84528-24 | Fax: +49 (0)6201 8452899
Finn.Bastiansen@xxxxxxxxx | www.rifcon.de <http://www.rifcon.de> -----UrsprÃngliche Nachricht----- Von: HTCondor-users <htcondor-users-bounces@xxxxxxxxxxx> Im Auftrag von Zach Miller Gesendet: Montag, 24. August 2020 17:26 An: HTCondor-Users Mail List <htcondor-users@xxxxxxxxxxx> Betreff: Re: [HTCondor-users] Beginner's question regarding HTCondor basic setup Hello, Glad you are trying out HTCondor. I read through your description below, and here's what I can suggest: The process called the "condor_schedd" is the daemon that manages a job queue, receives job submissions, and communicates with worker nodes to send and receive jobs. This should be running on the machines you have
designated "SUBMITTERS" but as you pointed out currently that daemon is not running. I assume the condor_master daemon is running on each of these submit nodes. Are there others? (All have the "condor_" prefix). You should be able to edit the configuration on those machines and update the "DAEMON_LIST"
setting. Add in the name "SCHEDD" to this list, and restart condor on that machine. (If you are going to be running jobs as the user that submitted them (as opposed to a generic user, like "nobody" on unix systems) each user will need to run the condor_store_cred command as well... but let's figure
that out once we are sure the daemons are up and running properly.) Cheers, -zach ïOn 8/24/20, 8:59 AM, "HTCondor-users on behalf of Finn Bastiansen" <htcondor-users-bounces@xxxxxxxxxxx on behalf of
Finn.Bastiansen@xxxxxxxxx> wrote: Dear list members, this is my first attempt to use/set up HTCondor and my first post to the ML, so hello to you all :-) We are tring to configure a minimum HTCondor âclusterâ to get into the topic, but it seems that we are misunderstand something or made 1 to x mistakes ... If this was already described and solved frequently, I would be happy to be directed to a ML thread or any other source, my recent search did not lead me to something helpful. We are using version 8.8.9. You can find details of our setup below. After installing HTCondor and creating a sample job I get the message: âERROR: Can't find address of local scheddâ I then saw in Task Manager that condor_schedd is not running, neither on the machine FROM which I submit the job nor the machine TO which I submit the job (central manager). In this context, does âsubmit jobsâ
in the manual mean âsubmit from a client PC to the central managerâ OR âsubmit from central manager to the pool, i.e. to (a) client(s) executing the jobâ? Or both? Because this has implications for what box needs to be checked during setup. What could be the reason for this problem? Did I misunderstand something and therefore set it up incorrectly? How can I solve this? Thank you for your time and help! Finn #### Setup Details: Intended (and testing) Setup: - 1 scheduling server (âcentral managerâ in the docs), currently a Windows 10 VM => âSCHEDULERâ - 3-4 desktop machines/ laptops from which jobs will be submitted (test: 1 Win10 desktop) => âSUBMITTERSâ - 10-20 currently unused desktop machines (dedicated to HTCondor, will not be used by humans in parallel; test: 1 laptop) as worker bees which will receive jobs from the scheduler => âWORKERSâ After reading the docs, we set up the 3 machines using the Windows GUI installer according to the following settings: - SCHEDULER: âCreate a new HTCondor Poolâ; Name of new pool: TEST; Submit jobs to HTCondor pool: Unchecked (because the docs say âGenerally jobs should not be either submitted or run on the central manager machineâ);
âDo not run jobs on this machineâ. - SUBMITTER: âJoin existing HTCondor Poolâ, Hostname of central manager: (hostname of SCHEDULER); Submit jobs to HTCondor pool: Checked; âDo not run jobs on this machineâ. - WORKER: âJoin existing HTCondor Poolâ, Hostname of central manager: (hostname of SCHEDULER); Submit jobs to HTCondor pool: Unchecked; âAlways run jobs and never suspend themâ. I do not list the remaining setup config because I assume that it is irrelevant for the issue at hand. Based on this setup, I created a submission description file âexample1_submit.txtâ (which calls rscript.exe that gets the path to an R script passed as argument). On the submitter, I then called: condor_submit example1_submit.txt This however returns âERROR: Can't find address of local scheddâ. condor_schedd.exe is not running on the SCHEDULER nor the SUBMITTER. _______________________________________________ HTCondor-users mailing list To unsubscribe, send a message to
htcondor-users-request@xxxxxxxxxxx with a subject: Unsubscribe You can also unsubscribe by visiting The archives can be found at: RIFCON GmbH GoldbeckstraÃe 13 - D-69493 Hirschberg Amtsgericht Mannheim | HRB 433053 | Ust.IdNr. DE 814188954 GeschÃftsfÃhrer / Managing Directors: Dr. Michael Riffel, Juergen Riffel, Ute Terberger Please think twice before you print this email ! DISCLAIMER: This e-mail transmission may contain confidential or legally privileged information that is intended only for the individual or entity named in the e-mail address. If you are not the intended recipient,
you are hereby notified that any disclosure, copying, distribution or reliance upon the contents of this e-mail is strictly prohibited. If you have received this e-mail transmission in error, please reply to the sender, so that we can arrange for proper delivery,
and then please delete the message from your system. The original of this e-mail was scanned for viruses, but you should always use your own virus-scanning software to ensure mail and attachments are safe to open. This e-mail does not constitute a consent
to the use of sender's contact information for direct marketing purposes or for transfers of data to third parties. _______________________________________________ HTCondor-users mailing list To unsubscribe, send a message to
htcondor-users-request@xxxxxxxxxxx with a subject: Unsubscribe You can also unsubscribe by visiting The archives can be found at: |