Quoting Hamza Mehammed <[EMAIL PROTECTED]>:
Hi, > Hi, > > Hornoy Francois wrote: > > Quoting Ketan C Maheshwari <[EMAIL PROTECTED]>: > > > > > >> Hornoy Francois wrote: > >> > >>> Hello, > >>> > >>> Something i have not really understood yet: i'm following the tutorial > on > >>> > >> the > >> > >>> GlobusConsortium website. > >>> > >>> If a client (let's say "bob") wants to run a job on a Globus remote > >>> > >> machine, > >> > >>> there must be a "bob" UNIX account on the Globus remote machine ? > >>> > >>> > >> nopes, as long as i understand, the globus machine's grid-mapfile must > >> map that users' DN to his/her accountname and a separate account on > >> globus machine is not required. > >> > > > > Okay. But when if i run: > > > > [EMAIL PROTECTED] ~]# grid-mapfile-check-consistency > > Checking /etc/grid-security/grid-mapfile grid mapfile > > Verifying grid mapfile existence...OK > > Checking for duplicate entries...OK > > Checking for valid user names... > > ERROR: bob is not a valid local username > > ERROR: Found 1 invalid username(s) > > > > So, how should i deal with this? > > > The DN of bob must be mapped to the unix Account belonging to bob. I > think you are mapping the DN of bob to the account bob which seems to be > not existing. You have to either create an account bob or map the DN of > bob to his account. Hum.. still don't get it :( On my "Globus" machine, i have 2 accounts: root and globus. A client (username=bob) wants to launch job/transfer on that Globus remote machine. So, may i map this client's DN with the local "globus" account ? Any useful link about this delegating stuff ? Cheers, Francois. > Cheers, > Hamza > > > Thks, Francois. > > > > > > > >> For those tasks that needs > >> authentication the client must delegate his/her credentials to globus > >> user to perform them on clients behalf. > >> > >>> Or shall i map every user certificate subjects in the grid-mapfile to > the > >>> > >> local > >> > >>> user "globus" ? > >>> > >>> > >> delegation is a cleaner solution. > >> > >>> Thanks for helping, > >>> > >>> Bye, Francois. > >>> > >>> > >>> > >> > > > > > > > > >
