And for completeness ... what is the default proxy version to use if that bonus field isn't present?
Also, what happens if you use an older or a newer version?
cheers
JK
> -----Original Message-----
> From: Testbed Support for GridPP member institutes [mailto:TB-
> [log in to unmask]] On Behalf Of Robert Frank
> Sent: Tuesday, October 08, 2013 11:22 AM
> To: [log in to unmask]
> Subject: Re: Fwd: [ EGI BROADCAST ] IMPORTANT - ATLAS VOMS configuration
> to be updated
>
> Hi Daniela,
>
> it's the Globus version the client should use when creating the proxy (voms-
> proxy-init -globus 24). It affects the type of proxy that is created. 24 creates a
> GT2 proxy (same as -old / -proxyver 2 options), 31 creates a pre-RFC proxy (-
> proxyver 3) and 40 creates an RFC proxy (-rfc / -proxyver 4).
>
> Cheers,
> Robert
>
> On 08/10/13 10:58, Daniela Bauer wrote:
> > Hi,
> >
> > Out of interest - does anyone know why Atlas has this mystery '24' in
> > the configuration ?
> > Other VOs seem to make do without.
> >
> >
> > Cheers,
> > Daniela
> >
> > ---------- Forwarded message ----------
> > From: EGI BROADCAST <[log in to unmask]>
> > Date: 7 October 2013 15:06
> > Subject: [ EGI BROADCAST ] IMPORTANT - ATLAS VOMS configuration to be
> > updated
> > To: Site administrators/UKI-LT2-UCL-HEP
> > <[log in to unmask]>
> >
> >
> > ----------------------------------------------------------------------
> > -----------------------------------------
> > EGI BROADCAST TOOL : https://operations-portal.egi.eu/broadcast
> >
> > ----------------------------------------------------------------------
> > -----------------------------------------
> > Publication from : litmaath <[log in to unmask]> Targets : Site
> > administrators/UKI-LT2-UCL-HEP <[log in to unmask]>
> > ----------------------------------------------------------------------
> > ------------------------------------------
> >
> >
> >
> > Dear EGI site admins,
> >
> > this message is important for sites supporting the ATLAS VO.
> >
> > ATLAS have a VOMS server vo.racf.bnl.gov whose host DN recently has
> > changed, causing proxies signed by that server to be refused by grid services.
> >
> > The VOMS server was therefore switched off for the time being, until
> > all relevant grid services have been reconfigured with the updated details.
> >
> > On services that are VOMS-aware, please ensure the following file has
> > the given content:
> >
> > ----------------------------------------------------------------------
> > ------- $ cat /etc/grid-security/vomsdir/atlas/vo.racf.bnl.gov.lsc
> > /DC=com/DC=DigiCert-Grid/O=Open Science
> > Grid/OU=Services/CN=vo.racf.bnl.gov
> > /DC=com/DC=DigiCert-Grid/O=DigiCert Grid/CN=DigiCert Grid CA-1
> > ----------------------------------------------------------------------
> > -------
> >
> > Some services (e.g. UI, WN, VOBOX, WMS) also have files like the
> > following to be corrected (line folded for readability):
> >
> > ----------------------------------------------------------------------
> > ------- $ cat /etc/vomses/atlas-vo.racf.bnl.gov | fold -w 62 "atlas"
> > "vo.racf.bnl.gov" "15003" "/DC=com/DC=DigiCert-Grid/O= Open Science
> > Grid/OU=Services/CN=vo.racf.bnl.gov" "atlas" "24"
> > ----------------------------------------------------------------------
> > -------
> >
> > Sites using YAIM please apply these site-info.def definitions:
> >
> > ----------------------------------------------------------------------
> > -------
> > VO_ATLAS_VOMS_SERVERS='vomss://voms.cern.ch:8443/voms/atlas?/atlas/'
> > VO_ATLAS_VOMSES="\
> > 'atlas lcg-voms.cern.ch 15001 \
> > /DC=ch/DC=cern/OU=computers/CN=lcg-voms.cern.ch atlas 24' \ 'atlas
> > voms.cern.ch 15001 \ /DC=ch/DC=cern/OU=computers/CN=voms.cern.ch
> atlas
> > 24' \ 'atlas vo.racf.bnl.gov 15003 \ /DC=com/DC=DigiCert-Grid/O=Open
> > Science Grid/OU=Services/CN=vo.racf.bnl.gov \ atlas 24' \ "
> > VO_ATLAS_VOMS_CA_DN="\
> > '/DC=ch/DC=cern/CN=CERN Trusted Certification Authority' \
> > '/DC=ch/DC=cern/CN=CERN Trusted Certification Authority' \
> > '/DC=com/DC=DigiCert-Grid/O=DigiCert Grid/CN=DigiCert Grid CA-1' \ "
> > ----------------------------------------------------------------------
> > -------
> >
> >
> > ----------------------------------------------------------------------
> > ------------------------------------------
> > link to this broadcast :
> > https://operations-portal.egi.eu/broadcast/archive/id/1022
> > ----------------------------------------------------------------------
> > ------------------------------------------
> >
> >
> >
--
Scanned by iCritical.
|