Hello all, I`ve been new to glite3.1 and DPM so I`ve been a bit awkward with config. So there are some questions. It`s mostly of interest and not so important in short time. First, DPM I now have values VO_DEFAULT_SE set in environment for all grid user accounts, that is why SAM-tests failed, though they somehow appeared in dpm-gsiftp.logs. Reconfiguration with yaim(glite-yaim-lcg-ce-4.0.4-2) don`t help with environment, though wiki says that file defaults/site-info.pre is sourced before site-info.def. So, I believed, environment must be set correctly(exactly unset), additionally I haven`t ever changed them from default, however it was parsed and accepted. Does it really need some special manipulations with profile.d and no other way? Well, now I reset these values - commented in site-info.def and remove from glite_environment. But now there is warning like this "IN: dn: GlueVOViewLocalID=sgmops,GlueCEUniqueID=grid8.wdcb.ru:2119/jobmanager-lcgpbs-ops,Mds-Vo-name=ru-Moscow-GCRAS-LCG2,o=grid "GlueCEInfoDefaultSE: GlueCEInfoApplicationDir: GlueCEInfoDataDir: unset"" What really I supposed to do now? Than, I`ve managed to copy a file(with globus-url-copy) into dpm_path/VO/file and not in dpm_path/VO/generated/somewhat/file. And after that I cannot remove it by user itself - it saying somewhat "full_file_path. File exist." and dpm-rm doing nothing. So I do it by root on DPM host. File still exist by users view, though it cannot now be copied elsewhere - it realy erased. Where I did it wrong or how can it be corrected? Seemingly it not only my problem, but other users also. What is the way user must use copy to dpm with "generated" folder? By hand only? Second is BDII, BDII_site: I`ve mistakenly run function config_bdii during reconfiguration(was testing parameters) and managed to return all back only in very complicated manner by uninstalling and reinstalling openldap(slapd wasn`t started automatically). However, I still don`t believe that bdii-update.conf is correct just containing only one line with "GIP ..." - does it so? If yes, than is bdii_regions value meaningfull? What is deceiving, that on my SE node there is only this one line is the file - but ldapsearch return too few info. Is it all OK with BDII yaim config 31 version? And could it be possible to include GLITE_VERSION check with running configuration with just functions separately not nodes? Also I`ve tried my best to set up firewall ports correctly (2135, 2170-2173 is the base, right?) but ldapsearch can`t be carried out from outside the site(from goc.sinica.edu). At least some upper port(rather than GLOBUS_TCP) is used(for example 36255) for forwarding, but it doesn`t described. sBDII is on CE. Any comments? I`ve also found that BDII_BDII_URL="ldap://$SITE_BDII_HOST:2170/mds-vo-name=recource,o=grid" must be set in some cases, but there is now nothing in example. (see https://savannah.cern.ch/bugs/?func=detailitem&item_id=31895 or /opt/glite/etc/gip/site-urls.conf). Such line with DPM_HOST not also specified, though somehow it is clear. And last is gridice Is it neccessary to install the whole server in a small site, and if not, what and where(CE,SE,WNs?) are needed to be installed? What else services must be installed to such a site, but the only one for the VO? I`ve used not to manage with myproxy of the leading cluster some time before, so must I install it by my site? VO voms is also on upper cluster - but do I need VOBOX, LFC or smth else? Otherwise, how can VO members can find and use such info and services? Thank in advance for any answers! And finally, is it possible to include in yaim_guide info, that queues(Torque) must be allowed for sgmops_ACLs(for SAM tests. Is simply ops/dteam accounts still used?)? Up to now I know only one method to really allow - it`s to modify /var/spool/pbs/server_priv/acl_groups/VO_queue, then reconfig. But how exactly it is possible via <QUEUE-NAME>_GROUP_ENABLE in site-info.def as guide saying? Just OPS_GROUP_ENABLE= "ops sgmops" seemingly doesn`t work(not exactly - it doesn`t work with pbs_server, though some other variables are set). Or why not to include this information somehow to VO_specific(vo.d/VO) lines? Then admins would know what exactly VO_Roles used to. May be it is becouse of something else(lcmaps,..) - I`ve saw some sites proving that "ops" only enough. Isn`t it too complicated? yum repos The default one says nothing about "lcg-CA.repo enabled=1". But today some updates performed only by "yum update node_name"(and they were enabled=1). And also, WN node`s lcg-vomscerts was updated not as soon as update was published - I mean, there are three rpms in update, and two of them already was the newest versions, but the last even hasn`t one with "yum list lcg-vomscerts"(after yum upgrade). I don`t think this is correct. May I wrong with repos config? And another interesting question. Can admins somehow improve "Effic" parameter of running job(showq -r) or how site_config(not just software) affect it? - I just don`t believe 12% is Ok. Too much question..., I wonder if someone will answer all or just read through everything. However, good luck ;) and thank you! -- Best regards, Alexander mailto:[log in to unmask]