Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
title/etc/grid-security/condor_mapfile
GSI "^\/DC\=ch\/DC\=cern\/OU\=Organic\ Units\/OU\=Users\/CN\=khurtado\/CN\=764581\/CN\=Kenyi\ Paolo\ Hurtado\ Anampa" uscms01
GSI (.*) anonymous
FS (.*) \1

Note: By default, condor will simply use If no condor_mapfile is created, the whole grid-mapfile table if will be used for the authentication table. Then e.g any CMS user mapped to uscms01 can be allowed. This is the default authentication procedure when no condor_mapfile is not created. CMS users will map to the 'uscms01' user, so you can

Code Block
title/etc/grid-security/condor_mapfile
# GSS_ASSIT_GRIDMAP will
# map users from grid-mapfile
GSI (.*) GSS_ASSIST_GRIDMAP 
GSIFS (.*) \1 anonymous
FS 
FS_REMOTE (.*) \1 
SSL (.*) ssl@unmapped 
KERBEROS ([^/]*)/?[^@]*@(.*) \1@\2 
NTSSPI (.*) \1 
CLAIMTOBE (.*) \1 
PASSWORD (.*) \1 

Configuration

We will need to specify that condor daemons will require GSI authentication.

...