[gin-auth] Re: [gin-data] Re: progress...
Oscar Koeroo
okoeroo at nikhef.nl
Thu Jul 27 08:48:45 CDT 2006
Hi Bill,
If you are in the position of having or installing the (edg-)mkgridmap
and if you have the wish to use poolaccounts then this line would fit
the request for the mkgridmap.conf file:
group vomss://kuiken.nikhef.nl:8443/voms/gin.ggf.org .gin.ggf.org
This states that a group of user needs to be downloaded through the
secured WS at host kuiken.nikhef.nl and it will created lines like:
"/O=dutchgrid/O=users/O=nikhef/CN=Oscar Koeroo" .gin.ggf.org
Otherwise you'll need to download the insecured DN list and then you'll
have to add a pool of accounts with that.
That's located here: http://kuiken.nikhef.nl/gin.ggf.org/
cheers,
Oscar
Erwin Laure wrote:
> Hi Bill,
>
> It is as you say in your last sentence. VOMS basically provides a
> database of users. This information (either directly from the VOMS
> server or indirectly via the webpage or RSS feed) is used by the
> individual grids to map the DNs into their own user space. It's up to
> the Grid how they do the mapping, most use pool-accounts though, I
> believe.
>
> I've cc'ed the gin-auth group for further details and corrections.
>
> Cheers,
>
> -- Erwin
>
> William E. Allcock wrote:
>
>> Never having used VOMS, I guess I am also a little confused. I went
>> to the
>> registration page, and I looked in the gridmapfile. However, the
>> gridmap
>> file isn't really a gridmap file, because it doesn't actually map
>> anything.
>> It has a list of DNs, but there are no accounts associated with them,
>> which
>> is what the gridmap file does. So, I think Gregor's (and my)
>> question is,
>> what account will the GridFTP server that gets invoked be run under? Or
>> does each Grid take responsibility for mapping it to some appropriately
>> restricted account and we can just not worry about that?
>>
>> Bill
>>
>>> -----Original Message-----
>>> From: owner-gin-data at ggf.org [mailto:owner-gin-data at ggf.org] On
>>> Behalf Of Erwin Laure
>>> Sent: Thursday, July 27, 2006 4:22 AM
>>> To: Gregor von Laszewski
>>> Cc: gin-data at ggf.org; Mihael Hategan; Raj Kettimuthu
>>> Subject: [gin-data] Re: progress...
>>>
>>> Hi Gregor,
>>>
>>> You can get an initial list of Grids for testing purposes from:
>>> http://wiki.nesc.ac.uk/read/gin-jobs?GinResources
>>>
>>> Why do you need accounts on these Grids? Wouldn't simply joining the
>>> GIN VO do? Information on how to join the VO is available at
>>> http://wiki.nesc.ac.uk/read/gin-jobs
>>> This VO is supported by all GIN sites.
>>>
>>> Cheers,
>>>
>>> -- Erwin
>>>
>>> Gregor von Laszewski wrote:
>>>
>>>> Erwin:
>>>>
>>>> we have tested our tool and it works as expected.
>>>
>>>
>>> However, there is
>>>
>>>> some issue in regards to renewing accounts and alloctaions
>>>
>>>
>>> on TG to run
>>>
>>>> this that are not yet resolved. To no longer delay the
>>>
>>>
>>> publication of
>>>
>>>> the data, we have involved Raj that will start the program
>>>
>>>
>>> for us on
>>>
>>>> the TG. We hope this takes place tomorrow. This also
>>>
>>>
>>> allows us to test
>>>
>>>> the "easy deploy" requirement of the systems so it could
>>>
>>>
>>> be replicated
>>>
>>>> on other systems. Mike is improving the documentation to make this
>>>> happening.
>>>>
>>>> In return we have one question that we issued to this
>>>
>>>
>>> mailinglist before:
>>>
>>>> On which other Grids should we test our software?
>>>> Is there someone in the GIN working group that can let us
>>>
>>>
>>> know which
>>>
>>>> Grids we should approach next? From the experience we had with
>>>> obtaining accouts, it looks like we want to get this
>>>
>>>
>>> established ASAP.
>>>
>>>> in order to start the application program. We probably need
>>>
>>>
>>> some kind
>>>
>>>> of "sponsor" or "champion" to push this out on the other
>>>
>>>
>>> Grids. So if
>>>
>>>> there are people from other Grids (other than TG) in this working
>>>> group, maybe you can let us know how we should approach getting
>>>> accounts on your Grids.
>>>>
>>>> I would assume this applies also to the other technologies
>>>
>>>
>>> from the
>>>
>>>> GIN-WG, do you have a uniform project description that I can point
>>>> other Grids to as part of the application process?
>>>>
>>>> Gregor
>>>>
>>>>
>>>> On Jul 25, 2006, at 4:39 AM, Erwin Laure wrote:
>>>>
>>>>
>>>>> Hi,
>>>>>
>>>>> GGF18 is coming up soon. Could we please get an update on
>>>>
>>>
>>> the interop
>>>
>>>>> tests of SRB, SRM, and gridFTP?
>>>>>
>>>>> We will use this information to make an interop matrix
>>>>
>>>
>>> available on
>>>
>>>>> the GIN gridforge pages.
>>>>>
>>>>> Also, we should prepare instructions of how people can run these
>>>>> tests themselves, i.e. test, whether their infrastructure is
>>>>> interoperable with others.
>>>>>
>>>>> Cheers,
>>>>>
>>>>> -- Erwin
>>>>>
>>>>
>>>
>>
More information about the gin-auth
mailing list