Thanks again. Okay, what I did was create a user account named "bryan" on "besbaugh-craptop" and tried to access the gsiftp server again, but I'm still getting the same error. It is using the same usercerts as before so I don't think that is the problem.
The only thing I can think of is that gsiftp is looking in the wrong place for the gridmap file however I'm not sure where this is set. [EMAIL PROTECTED]:~$ globus-url-copy -dbg gsiftp://besbaugh-craptop.esbaugh.com/etc/group file:///tmp/bryan1.test debug: starting to get gsiftp://besbaugh-craptop.esbaugh.com/etc/group debug: connecting to gsiftp://besbaugh-craptop.esbaugh.com/etc/group debug: response from gsiftp://besbaugh-craptop.esbaugh.com/etc/group: 220 besbaugh-craptop.esbaugh.com GridFTP Server 2.7 (gcc32, 1197331989-63) [Globus Toolkit 4.0.6] ready. debug: authenticating with gsiftp://besbaugh-craptop.esbaugh.com/etc/group debug: response from gsiftp://besbaugh-craptop.esbaugh.com/etc/group: 530-Login incorrect. : globus_gss_assist: Gridmap lookup failure: Could not map /O=Grid/OU=GlobusTest/OU=simpleCA-junkpile.esbaugh.com/OU=esbaugh.com/CN=Bryan Esbaugh 530- 530 End. debug: fault on connection to gsiftp://besbaugh-craptop.esbaugh.com/etc/group debug: data callback, error globus_ftp_client: the server responded with an error, buffer 0xb7a69008, length 0, offset=0, eof=true debug: operation complete error: globus_ftp_client: the server responded with an error 530 530-Login incorrect. : globus_gss_assist: Gridmap lookup failure: Could not map /O=Grid/OU=GlobusTest/OU=simpleCA-junkpile.esbaugh.com/OU=esbaugh.com/CN=Bryan Esbaugh 530- 530 End. Gridmap file on "besbaugh-craptop" [EMAIL PROTECTED]:~$ cat /etc/grid-security/grid-mapfile "/O=Grid/OU=GlobusTest/OU=simpleCA-junkpile.com/OU=esbaugh.com/CN=Bryan Esbaugh" bryan -Bryan >Yes, that's the problem. The grid-mapfile is used for authentication >and authorization. Your authentication step is fine, because your >certificate subject shows up in the grid-mapfile and has a user account >listed next to it. But then the gridftp server needs to setuid to your >account - that's how it lets you access files. When the gridftp server >looks up your destination account, it finds that it doesn't exist on >the craptop, so it doesn't have anyone to setuid to, and fails your >authorization attempt. >That's the long way of saying that yes, for gridftp the destination >user account is important. You're correct that some other services >(particularly ones that don't need to setuid to establish user >privileges) just care about you being listed in the grid-mapfile and >not who you're mapped to. Not the case for gridftp though. >Charles
