Hi Gokop,
> You can do that by entering the DN of each user between double quotes followed by a space and the unix pool account in the /etc/grid-security/grid-mapfile file eg
>
> "DN-OF-USER" <unix-pool-account>
That only works reliably for plain grid proxies, if they are supported.
Normally the VOMS mapping has priority and the DN mapping would be ignored.
> -----Original Message-----
> From: LHC Computer Grid - Rollout [mailto:[log in to unmask]] On Behalf Of Arnau Bria
> Sent: 27 January 2011 12:00
> To: [log in to unmask]
> Subject: [LCG-ROLLOUT] mapping DN+Role to static user
>
> Hi all,
>
> I'm trying to configure our CE (lcg-CE and CREAM) in order to map one
> specific user to one unix account. The problem is that we need to map:
>
> 1.-) DN1+Role1 -> account1
> 2.-) DN1+Role2 -> account2
> 3.-) DN2+Role3 -> account3
>
>
> I've been reading
> https://www.nikhef.nl/pub/projects/grid/gridwiki/index.php/LCMAPS
> looking for LCMAPS plugins features and I ve not found one that takes
> care of above cases. SO I'm wondering if a "combo" of them could do
> what we need (localaccount+vomsaccount?)
>
> If not, we could do the map via gridmapdir, but this conf won't be
> persistent, cause in case we change gridmapdir (NFS migration, i.e) we
> will lose the mapping.
>
> Anyone is doing something similar?
>
> Any idea will be appreciated.
>
> Cheers,
> Arnau
|