Mailing List ArchivesAuthenticated access |
![[Computer Systems Lab]](http://www.cs.wisc.edu/pics/csl_logo.gif){kind=logo}
|
Mailing List ArchivesAuthenticated access |
|
|
That approach assumes that you want PASSWORD to be the only authentication method between daemons in your pool. For your situation, you want to add it to the regular list of authentication methods.
On the old machine and the central manager, you will want to add PASSWORD to all SEC_XXX_AUTHENTICATION_METHODS settings in the configuration files. If SEC_DEFAULT_AUTHENTICATION_METHODS isnât set in your configuration files, then youâll want to add this
(which keeps the default list and adds PASSWORD):
SEC_DEFAULT_AUTHENTICATION_METHODS = FS,TOKEN,KERBEROS,SCITOKENS,SSL,PASSWORD
Youâll do a similar modification for ALLOW_DAEMON, adding condor_pool@* to the authorized identities instead of replacing the existing list of authorizations. Add this line to your configuration after any other settings of ALLOW_DAEMON:
ALLOW_DAEMON = $(ALLOW_DAEMON) condor_pool@*
Finally, create the password file with the same contents on the old machine and the central manager, with owner root and permissions 0600, and set SEC_PASSWORD_FILE to point at that file.
A condor_reconfig should be sufficient after these changes, but a restart of the daemons on the old machine and the central manager may be required.
- Jaime
| |||||||||||||||||||||||||