Hi Gonçalo,
> 1. In /opt/glite/etc/lcmaps/lcmaps.db change the order of the "withvoms"
> and "standard" sections. Beware the file is written by YAIM.
>
> 2. Put your local users in /opt/edg/etc/grid-mapfile-local with their
> desired mappings. Note 1: each user will have exactly 1 mapping,
> that is the limitation of the classic grid-mapfile.
> Note 2: a pool account mapping will be overridden by a mapping to
> a static account, if any. For example, if grid-mapfile-local maps
> a DN to ".lipcms" and edg-mkgridmap.conf maps that DN to "cmssgm",
> the latter mapping wins!
> To avoid that: in /opt/edg/etc/edg-mkgridmap.conf comment out the
> lines for CMS. Beware the file is written by YAIM.
In fact, you will need to comment out _all_ lines in edg-mkgridmap.conf!
Otherwise the DN mapping will also take precedence for other users,
while normally the mapping should be according to VOMS attributes.
> 3. Run the commands in /etc/cron.d/edg-mkgridmap and
> /etc/cron.d/lcg-ce-mkgridmap manually and check the resulting
> contents of /etc/grid-security/grid-mapfile.
|