 |
 |
Yes, that is the way to work. I've never seen any point to recycling, and many points against. john -----Original Message----- From: "David Colling" <[log in to unmask]> To: "[log in to unmask]" <[log in to unmask]> Sent: 22/02/08 16:45 Subject: Re: sgm/prd pool accounts Hi John, I believe that we do effectively by turning off account recycling. So although we have a pool of accounts because the accounts are never recycled once they are allocated they remain associated with the same person (I guess until we rebuild/upgrade the CE I guess). Isn't this the case for most sites, for all the hideous security reasons that have outlined on list many times before? Yes, I realise that this is a different issue to the sgm accounts but it is not totally unrelated. All the best, david Gordon, JC (John) wrote: > So Dave, does Imperial have static accounts defined for every member of every VO you support? That must be a b****r to maintain. > > John > > -----Original Message----- > From: "David Colling" <[log in to unmask]> > To: "[log in to unmask]" <[log in to unmask]> > Sent: 22/02/08 12:09 > Subject: Re: sgm/prd pool accounts > > I must admit that i would be very nervous of using pool accounts for sgm > accounts (or anyother account come to that) > > Gordon, JC (John) wrote: >> Duncan, are you confident that if multiple people use an sgm account at >> your site at the same time that you can satisfy the auditing >> requirements to know who did what? >> >> John >> >>> -----Original Message----- >>> From: Testbed Support for GridPP member institutes >>> [mailto:[log in to unmask]] On Behalf Of Duncan Rand >>> Sent: 21 February 2008 16:12 >>> To: [log in to unmask] >>> Subject: sgm/prd pool accounts >>> >>> Hi >>> >>> At RHUL and QMUL we are installing new clusters and I am >>> coming across the thorny issue of sgm and prd pool accounts. >>> I see that the yaim instructions now state that "Note: static >>> accounts are not recommended". >>> When I did a quick poll of VO's they said yes we can deal >>> with pool sgm accounts but we prefer static sgm accounts. So >>> at RHUL I am planning to use pool prd accounts and static sgm >>> accounts. Has anybody got any comments? >>> >>> many thanks >>> Duncan >>>