[gin-auth] Re: [gin-data] Re: progress...

Oscar Koeroo okoeroo at nikhef.nl
Thu Jul 27 08:48:45 CDT 2006 

Hi Bill,

If you are in the position of having or installing the (edg-)mkgridmap 
and if you have the wish to use poolaccounts then this line would fit 
the request for the mkgridmap.conf file:

group vomss://kuiken.nikhef.nl:8443/voms/gin.ggf.org  .gin.ggf.org


This states that a group of user needs to be downloaded through the 
secured WS at host kuiken.nikhef.nl and it will created lines like:

"/O=dutchgrid/O=users/O=nikhef/CN=Oscar Koeroo" .gin.ggf.org


Otherwise you'll need to download the insecured DN list and then you'll 
have to add a pool of accounts with that.
That's located here: http://kuiken.nikhef.nl/gin.ggf.org/


cheers,

    Oscar



Erwin Laure wrote:

> Hi Bill,
>
> It is as you say in your last sentence. VOMS basically provides a 
> database of users. This information (either directly from the VOMS 
> server or indirectly via the webpage or RSS feed) is used by the 
> individual grids to map the DNs into their own user space. It's up to 
> the Grid how they do the mapping, most use pool-accounts though, I 
> believe.
>
> I've cc'ed the gin-auth group for further details and corrections.
>
> Cheers,
>
> -- Erwin
>
> William E. Allcock wrote:
>
>> Never having used VOMS, I guess I am also a little confused.  I went 
>> to the
>> registration page, and I looked in the gridmapfile.  However, the 
>> gridmap
>> file isn't really a gridmap file, because it doesn't actually map 
>> anything.
>> It has a list of DNs, but there are no accounts associated with them, 
>> which
>> is what the gridmap file does.  So, I think Gregor's (and my) 
>> question is,
>> what account will the GridFTP server that gets invoked be run under?  Or
>> does each Grid take responsibility for mapping it to some appropriately
>> restricted account and we can just not worry about that?
>>
>> Bill
>>
>>> -----Original Message-----
>>> From: owner-gin-data at ggf.org [mailto:owner-gin-data at ggf.org] On 
>>> Behalf Of Erwin Laure
>>> Sent: Thursday, July 27, 2006 4:22 AM
>>> To: Gregor von Laszewski
>>> Cc: gin-data at ggf.org; Mihael Hategan; Raj Kettimuthu
>>> Subject: [gin-data] Re: progress...
>>>
>>> Hi Gregor,
>>>
>>> You can get an initial list of Grids for testing purposes from:
>>> http://wiki.nesc.ac.uk/read/gin-jobs?GinResources
>>>
>>> Why do you need accounts on these Grids? Wouldn't simply joining the 
>>> GIN VO do? Information on how to join the VO is available at 
>>> http://wiki.nesc.ac.uk/read/gin-jobs
>>> This VO is supported by all GIN sites.
>>>
>>> Cheers,
>>>
>>> -- Erwin
>>>
>>> Gregor von Laszewski wrote:
>>>
>>>> Erwin:
>>>>
>>>>    we have tested our tool and it works as expected. 
>>>
>>>
>>> However, there is 
>>>
>>>> some issue in regards to renewing accounts and alloctaions 
>>>
>>>
>>> on TG to  run
>>>
>>>> this that are not yet resolved. To no longer delay the  
>>>
>>>
>>> publication of
>>>
>>>> the data, we have involved Raj that will start the  program 
>>>
>>>
>>> for us on
>>>
>>>> the TG. We hope this takes place tomorrow. This  also 
>>>
>>>
>>> allows us to test
>>>
>>>> the "easy deploy" requirement of the systems  so it could 
>>>
>>>
>>> be replicated
>>>
>>>> on other systems. Mike is improving the  documentation to make this 
>>>> happening.
>>>>
>>>> In return we have one question that we issued to this 
>>>
>>>
>>> mailinglist  before:
>>>
>>>> On which other Grids should we test our software?
>>>> Is there someone in the GIN working group that can let us 
>>>
>>>
>>> know which 
>>>
>>>> Grids we should approach next? From the experience we had with  
>>>> obtaining accouts, it looks like we want to get this 
>>>
>>>
>>> established  ASAP.
>>>
>>>> in order to start the application program. We probably need 
>>>
>>>
>>> some kind
>>>
>>>> of "sponsor" or "champion" to push this out on the other  
>>>
>>>
>>> Grids. So if
>>>
>>>> there are people from other Grids (other than TG) in  this working 
>>>> group, maybe you can let us know how we should approach  getting 
>>>> accounts on your Grids.
>>>>
>>>> I would assume this applies also to the other technologies 
>>>
>>>
>>> from the 
>>>
>>>> GIN-WG, do you have a uniform project description that I can point  
>>>> other Grids to as part of the application process?
>>>>
>>>> Gregor
>>>>
>>>>
>>>> On Jul 25, 2006, at 4:39 AM, Erwin Laure wrote:
>>>>
>>>>
>>>>> Hi,
>>>>>
>>>>> GGF18 is coming up soon. Could we please get an update on 
>>>>
>>>
>>> the  interop
>>>
>>>>> tests of SRB, SRM, and gridFTP?
>>>>>
>>>>> We will use this information to make an interop matrix 
>>>>
>>>
>>> available on 
>>>
>>>>> the GIN gridforge pages.
>>>>>
>>>>> Also, we should prepare instructions of how people can run these  
>>>>> tests themselves, i.e. test, whether their infrastructure is  
>>>>> interoperable with others.
>>>>>
>>>>> Cheers,
>>>>>
>>>>> -- Erwin
>>>>>
>>>>
>>>
>>

More information about the gin-auth mailing list