Mailing List ArchivesAuthenticated access |
![[Computer Systems Lab]](http://www.cs.wisc.edu/pics/csl_logo.gif){kind=logo}
|
Mailing List ArchivesAuthenticated access |
|
I am not following how a user can use their certificate. There is only 1 certificate for the pool. According to the tutorial (https://research.cs.wisc.edu/htcondor/CondorWeek2011/presentations/zmiller-ssl-tutorial.pdf), there is only 1 certificate.ÂOn Fri, Aug 9, 2024 at 1:53âPM Rita <rmorgan466@xxxxxxxxx> wrote:In your example, you have onlyÂone user (jfrey). Do you have an example with multiple users?ÂOn Fri, Aug 9, 2024 at 10:58âAM Jaime Frey via HTCondor-users <htcondor-users@xxxxxxxxxxx> wrote:The mapfile is how you tell HTCondor what user each SSL certificate should be mapped to. It can't define a $REMOTE_USER variable, as it doesnât have any information to determine a value.
You will probably have to add an entry in the mapfile for each userâs SSL certificate, providing the os account that certificate should be mapped to. Hereâs an example:
SSL "/DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=jafrey/CN=647245/CN=James Freyâ jfrey
If your usersâ SSL DNs contain the os account name (e.g. if the DN include the userâs email address for your organization), you can use regular _expression_ rules to extract that and derive the os account name.
Â- Jaime
> On Aug 9, 2024, at 8:15âAM, Rita <rmorgan466@xxxxxxxxx> wrote:
>
> I have a mapfile which is using SSL. I have 30 odd users. At the moment, I have
> SSL (.*)Â usera
>
> All jobs are going in as usera which isn't correct. Is it possible to pass
> SSL (*.) $REMOTE_USER
>
> or something like that?
_______________________________________________
HTCondor-users mailing list
To unsubscribe, send a message to htcondor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/htcondor-users
The archives can be found at:
https://lists.cs.wisc.edu/archive/htcondor-users/----- Get your facts first, then you can distort them as you please.------- Get your facts first, then you can distort them as you please.--