Hi Steve,
/opt/edg/etc/edg-mkgridmap.conf contains the following:
##############################################################################
#
# Virtual Organisations
#
##############################################################################
# ATLAS
# Map VO members (Role) atlassgm
group vomss://lcg-voms.cern.ch:8443/voms/atlas?/atlas/Role=lcgadmin atlassgm
# Map VO members (root Group) atlas
group vomss://lcg-voms.cern.ch:8443/voms/atlas?/atlas/lcg1 .atlas
# LDAP lines for ATLAS
group ldap://grid-vo.nikhef.nl/ou=lcgadmin,o=atlas,dc=eu-datagrid,dc=org atlassgm
group ldap://grid-vo.nikhef.nl/ou=lcg1,o=atlas,dc=eu-datagrid,dc=org .atlas
# ALICE
# Map VO members (Role) alicesgm
group vomss://lcg-voms.cern.ch:8443/voms/alice?/alice/Role=lcgadmin alicesgm
# Map VO members (root Group) alice
group vomss://lcg-voms.cern.ch:8443/voms/alice?/alice .alice
# LDAP lines for ALICE
group ldap://grid-vo.nikhef.nl/ou=lcgadmin,o=alice,dc=eu-datagrid,dc=org alicesgm
group ldap://grid-vo.nikhef.nl/ou=lcg1,o=alice,dc=eu-datagrid,dc=org .alice
# LHCB
# Map VO members (Role) lhcbsgm
group vomss://lcg-voms.cern.ch:8443/voms/lhcb?/lhcb/Role=lcgadmin lhcbsgm
group vomss://lcg-voms.cern.ch:8443/voms/lhcb?/lhcb/lcgprod lhcbprod
# Map VO members (root Group) lhcb
group vomss://lcg-voms.cern.ch:8443/voms/lhcb?/lhcb .lhcb
# LDAP lines for LHCB
group ldap://grid-vo.nikhef.nl/ou=lcgadmin,o=lhcb,dc=eu-datagrid,dc=org lhcbsgm
group ldap://grid-vo.nikhef.nl/ou=lcg1,o=lhcb,dc=eu-datagrid,dc=org .lhcb
# CMS
# Map VO members (Role) cmssgm
group vomss://lcg-voms.cern.ch:8443/voms/cms?/cms/Role=lcgadmin cmssgm
# Map VO members (root Group) cms
group vomss://lcg-voms.cern.ch:8443/voms/cms?/cms .cms
# LDAP lines for CMS
group ldap://grid-vo.nikhef.nl/ou=lcgadmin,o=cms,dc=eu-datagrid,dc=org cmssgm
group ldap://grid-vo.nikhef.nl/ou=lcg1,o=cms,dc=eu-datagrid,dc=org .cms
# DTEAM
# Map VO members (Role) dteamsgm
group vomss://lcg-voms.cern.ch:8443/voms/dteam?/dteam/Role=lcgadmin dteamsgm
# Map VO members (root Group) dteam
group vomss://lcg-voms.cern.ch:8443/voms/dteam?/dteam .dteam
# LDAP lines for DTEAM
group ldap://lcg-vo.cern.ch/ou=lcgadmin,o=dteam,dc=lcg,dc=org dteamsgm
group ldap://lcg-vo.cern.ch/ou=lcg1,o=dteam,dc=lcg,dc=org .dteam
# SIXT
# Map VO members (root Group) sixt
group vomss://lcg-voms.cern.ch:8443/voms/sixt?/sixt .sixt
# LDAP lines for SIXT
group ldap://lcg-vo.cern.ch/ou=lcg1,o=sixt,dc=lcg,dc=org .sixt
# PHENO
# LDAP lines for PHENO
group ldap://vo.gridpp.ac.uk/ou=phenogrid,dc=gridpp,dc=ac,dc=uk .pheno
# BIOMED
# LDAP lines for BIOMED
group ldap://vo-biome.in2p3.fr/ou=lcgadmin,o=biomedical,dc=lcg,dc=org biomedsgm
group ldap://vo-biome.in2p3.fr/ou=lcg1,o=biomedical,dc=lcg,dc=org .biomed
# ZEUS
# LDAP lines for ZEUS
group ldap://grid-vo.desy.de/ou=zeus,ou=vo,o=desy,c=de .zeus
# BABAR
# LDAP lines for BABAR
group ldap://babar-vo.gridpp.ac.uk/ou=babarsgm,dc=gridpp,dc=ac,dc=uk babarsgm
group ldap://babar-vo.gridpp.ac.uk/ou=babar,dc=gridpp,dc=ac,dc=uk .babar
#############################################################################
# List of auth URIs
# eg 'auth ldap://marianne.in2p3.fr/ou=People,o=testbed,dc=eu-datagrid,dc=org'
# If these are defined then users must be authorised in one of the following
# auth servers.
# A list of authorised users.
auth ldap://lcg-registrar.cern.ch/ou=users,o=registrar,dc=lcg,dc=org
#############################################################################
# DEFAULT_LCLUSER: default_lcluser lcluser
# default_lcuser .
#############################################################################
# ALLOW and DENY: deny|allow pattern_to_match
# allow *INFN*
#############################################################################
# Local grid-mapfile to import and overide all the above information.
# eg, gmf_local /opt/edg/etc/grid-mapfile-local
gmf_local /opt/edg/etc/grid-mapfile-local
Thanks,
Mòrag
-----Original Message-----
From: LHC Computer Grid - Rollout [mailto:[log in to unmask]] On Behalf Of Steve Traylen
Sent: 12 August 2005 10:30
To: [log in to unmask]
Subject: Re: [LCG-ROLLOUT] FW: Cron <root@ce> /opt/edg/sbin/edg-mkgridmap --output=/etc/grid-security/grid-mapfile --safe
On Fri, Aug 12, 2005 at 10:18:59AM +0100 or thereabouts, Morag Burgon-Lyon wrote:
> Hi,
>
> I added a the zeus and babar VOs using lcg-yaim-2.6.0-7 on Wednesday. Since then I have received the following SSL negotiation failure messages from the edg-mkgridmap cron job on our ce and classic se.
>
> I can telnet lcg-voms.cern.ch 8443. The other three VOs do not have a VOMS server listed in site-info.def. Any suggestions?
Hi Mòrag
What does your complete mkgridmap.conf file look like, in particular what
does the zeus and babar lines look like. They should like
group ldap://grid-vo.desy.de/ou=zeus,ou=vo,o=desy,c=de .zeus
and
group ldap://babar-vo.gridpp.ac.uk/ou=babarsgm,dc=gridpp,dc=ac,dc=uk babarsgm
group ldap://babar-vo.gridpp.ac.uk/ou=babar,dc=gridpp,dc=ac,dc=uk .babar
Steve
>
> Thanks,
> Mòrag
>
> -----Original Message-----
> From: Cron Daemon [mailto:[log in to unmask]]
> Sent: 12 August 2005 01:30
> To: [log in to unmask]
> Subject: Cron <root@ce> /opt/edg/sbin/edg-mkgridmap --output=/etc/grid-security/grid-mapfile --safe
>
> voms search(https://lcg-voms.cern.ch:8443/voms/atlas/services/VOMSCompatibility?method=getGridmapUsers&container=%2Fatlas%2FRole%3Dlcgadmin): SSL negotiation failed:
>
> voms search(https://lcg-voms.cern.ch:8443/voms/atlas/services/VOMSCompatibility?method=getGridmapUsers&container=%2Fatlas%2Flcg1): SSL negotiation failed:
>
> voms search(https://lcg-voms.cern.ch:8443/voms/alice/services/VOMSCompatibility?method=getGridmapUsers&container=%2Falice%2FRole%3Dlcgadmin): SSL negotiation failed:
>
> voms search(https://lcg-voms.cern.ch:8443/voms/alice/services/VOMSCompatibility?method=getGridmapUsers&container=%2Falice): SSL negotiation failed:
>
> voms search(https://lcg-voms.cern.ch:8443/voms/lhcb/services/VOMSCompatibility?method=getGridmapUsers&container=%2Flhcb%2FRole%3Dlcgadmin): SSL negotiation failed:
>
> voms search(https://lcg-voms.cern.ch:8443/voms/lhcb/services/VOMSCompatibility?method=getGridmapUsers&container=%2Flhcb%2Flcgprod): SSL negotiation failed:
>
> voms search(https://lcg-voms.cern.ch:8443/voms/lhcb/services/VOMSCompatibility?method=getGridmapUsers&container=%2Flhcb): SSL negotiation failed:
>
> voms search(https://lcg-voms.cern.ch:8443/voms/cms/services/VOMSCompatibility?method=getGridmapUsers&container=%2Fcms%2FRole%3Dlcgadmin): SSL negotiation failed:
>
> voms search(https://lcg-voms.cern.ch:8443/voms/cms/services/VOMSCompatibility?method=getGridmapUsers&container=%2Fcms): SSL negotiation failed:
>
> voms search(https://lcg-voms.cern.ch:8443/voms/dteam/services/VOMSCompatibility?method=getGridmapUsers&container=%2Fdteam%2FRole%3Dlcgadmin): Connect failed: connect: timeout; Operation now in progress
>
> voms search(https://lcg-voms.cern.ch:8443/voms/dteam/services/VOMSCompatibility?method=getGridmapUsers&container=%2Fdteam): SSL negotiation failed:
>
> voms search(https://lcg-voms.cern.ch:8443/voms/sixt/services/VOMSCompatibility?method=getGridmapUsers&container=%2Fsixt): SSL negotiation failed:
>
> Exit with error(s) (code=12)
--
Steve Traylen
[log in to unmask]
http://www.gridpp.ac.uk/
|