 |
|
You are here: Foswiki>Main Web>InstallConfigs>NotesUC3VO (25 Mar 2013, LincolnBryant)Edit Attach
NotesUC3VO
Add Support for UC3 VO to MWT2
The following steps were taken to add support for the UC3 VO on MWT2. Jira: http://jira.usatlasfacility.org/browse/MW-605?focusedCommentId=13035#comment-13035 The registration for this VO at OIM can be found at https://voms.grid.iu.edu:8443/voms/UC3/user/search.actionGums additions for UC3
The UC3 VO needs to be added to the MWT2 Gums server so that proper authentication can take place. The MWT2 gums server can be found at https://gums.mwt2.org:8443/gums/index.jsp. Your DN must be a member of the "admin" group listed in the "Manual User Group Members" section to able to make these changes. The following snapshots show the changes. The order these changes are made is important.VOMS Servers
Account Mapper
User Groups
Group to Account Mappings
Host to Group Mappings
Update VO Members
In the "User Management" section, select "Update VO Members" and click on "update VO members database". This function will take a long time to complete as it rebuilds the database with members of each VO on this gums server.Enable VO on Gatekeepers
To enable the UC3 VO, the following line is added to the UID mapping table on all Gatekeepers.uc3 group_opportThis assume that the account "uc3" has already been created. This account has always been in puppet as part of the "osgvo" groups.
Problems
The "Update VO Members" currently fails for UC3 VO. The error is02 Mar 2013 13:48:34,018 [WARN ]: User group update for uc3 failed: Couldn't retrieve users: org.glite.security.voms.admin.error.VOMSException: CSRF header guard missing from request!After some research, the following ticket was found https://ticket.grid.iu.edu/goc/12049?sort=down&expandall=true&; The following line appears to need to be added to the voms configuration for UC3 on the OIM Voms Server in the file /etc/voms-admin/UC3/voms.service.properties
voms.csrf.log_only = trueA GOC ticket was made to request this change https://ticket.grid.iu.edu/goc/14108. Once Scot Tiege made the appropriate change, Gums was successful in updating its VO members
| I | Attachment | Action | Size | Date | Who | Comment |
|---|---|---|---|---|---|---|
 png |
Account_Mappers.png | manage | 52 K | 04 Mar 2013 - 13:24 | DaveLesny | |
| png |
Group_To_Account.png | manage | 56 K | 04 Mar 2013 - 13:24 | DaveLesny | |
| png |
Host_To_Group.png | manage | 61 K | 04 Mar 2013 - 13:25 | DaveLesny | |
| png |
User_Groups.png | manage | 61 K | 04 Mar 2013 - 13:25 | DaveLesny | |
| png |
VOMS_Servers.png | manage | 53 K | 04 Mar 2013 - 13:25 | DaveLesny |
Edit | Attach | Print version | History: r4 < r3 < r2 < r1 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r4 - 25 Mar 2013, LincolnBryant
CycleSeeder
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding Foswiki? Send feedback