VOMS configuration update effective Jan 9th 2007 due to new hostcert of voms.cern.ch
Due to the change of the CERN CA the new certificate DNs of all users and hosts look completely different and the site-info.def files must be updated. This was announced in https://twiki.cern.ch/twiki/bin/view/LCG/LcgScmStatusAas#November_29th Site admins are advised to adopt the update in order to warnings the users will be seeing when trying to obtain a voms-proxy and their vomses files contain the old DN of voms.cern.ch. No service interruption will occur because lcg-voms.cern.ch is, since October 16th 2006, an exact replica of voms.cern.ch and is always contacted when to satisfy voms-proxy-init's. Example VO entry:VO_DTEAM_SW_DIR=$VO_SW_DIR/dteam VO_DTEAM_DEFAULT_SE=$CLASSIC_HOST VO_DTEAM_STORAGE_DIR=$CLASSIC_STORAGE_DIR/dteam VO_DTEAM_QUEUES="dteam" VO_DTEAM_VOMS_SERVERS='vomss://voms.cern.ch:8443/voms/dteam?/dteam/' VO_DTEAM_VOMSES="'dteam lcg-voms.cern.ch 15004 /C=CH/O=CERN/OU=GRID/CN=host/lcg-voms.cern.ch dteam' 'dteam voms.cern.ch 15004 /DC=ch/DC=cern/OU=computers/CN=voms.cern.ch dteam'"Example VO definition part of the site-info.def file looks like:
... ... # YAIM example site configuration file - adapt it to your site! # Skipped all lines unrelated to the VO definition # VO specific settings. For help see: https://lcg-sft.cern.ch/yaimtool/yaimtool.py VO_ATLAS_SW_DIR=$VO_SW_DIR/atlas VO_ATLAS_DEFAULT_SE=$CLASSIC_HOST VO_ATLAS_STORAGE_DIR=$CLASSIC_STORAGE_DIR/atlas VO_ATLAS_QUEUES="atlas" VO_ATLAS_VOMS_POOL_PATH="/lcg1" VO_ATLAS_VOMS_SERVERS='vomss://voms.cern.ch:8443/voms/atlas?/atlas/' #VO_ATLAS_VOMS_EXTRA_MAPS="'Role=production production' 'usatlas .usatlas'" VO_ATLAS_VOMSES="'atlas lcg-voms.cern.ch 15001 /C=CH/O=CERN/OU=GRID/CN=host/lcg-voms.cern.ch atlas' 'atlas voms.cern.ch 15001 /DC=ch/DC=cern/OU=computers/CN=voms.cern.ch atlas'" VO_ALICE_SW_DIR=$VO_SW_DIR/alice VO_ALICE_DEFAULT_SE=$CLASSIC_HOST VO_ALICE_STORAGE_DIR=$CLASSIC_STORAGE_DIR/alice VO_ALICE_QUEUES="alice" VO_ALICE_VOMS_SERVERS='vomss://voms.cern.ch:8443/voms/alice?/alice/' VO_ALICE_VOMSES="'alice lcg-voms.cern.ch 15000 /C=CH/O=CERN/OU=GRID/CN=host/lcg-voms.cern.ch alice' 'alice voms.cern.ch 15000 /DC=ch/DC=cern/OU=computers/CN=voms.cern.ch alice'" VO_CMS_SW_DIR=$VO_SW_DIR/cms VO_CMS_DEFAULT_SE=$CLASSIC_HOST VO_CMS_STORAGE_DIR=$CLASSIC_STORAGE_DIR/cms VO_CMS_QUEUES="cms" VO_CMS_VOMS_SERVERS='vomss://voms.cern.ch:8443/voms/cms?/cms/' VO_CMS_VOMSES="'cms lcg-voms.cern.ch 15002 /C=CH/O=CERN/OU=GRID/CN=host/lcg-voms.cern.ch cms' 'cms voms.cern.ch 15002 /DC=ch/DC=cern/OU=computers/CN=voms.cern.ch cms'" VO_LHCB_SW_DIR=$VO_SW_DIR/lhcb VO_LHCB_DEFAULT_SE=$CLASSIC_HOST VO_LHCB_STORAGE_DIR=$CLASSIC_STORAGE_DIR/lhcb VO_LHCB_QUEUES="lhcb" VO_LHCB_VOMS_SERVERS='vomss://voms.cern.ch:8443/voms/lhcb?/lhcb/' VO_LHCB_VOMS_EXTRA_MAPS="lcgprod lhcbprod" VO_LHCB_VOMSES="'lhcb lcg-voms.cern.ch 15003 /C=CH/O=CERN/OU=GRID/CN=host/lcg-voms.cern.ch lhcb' 'lhcb voms.cern.ch 15003 /DC=ch/DC=cern/OU=computers/CN=voms.cern.ch lhcb'" VO_DTEAM_SW_DIR=$VO_SW_DIR/dteam VO_DTEAM_DEFAULT_SE=$CLASSIC_HOST VO_DTEAM_STORAGE_DIR=$CLASSIC_STORAGE_DIR/dteam VO_DTEAM_QUEUES="dteam" VO_DTEAM_VOMS_SERVERS='vomss://voms.cern.ch:8443/voms/dteam?/dteam/' VO_DTEAM_VOMSES="'dteam lcg-voms.cern.ch 15004 /C=CH/O=CERN/OU=GRID/CN=host/lcg-voms.cern.ch dteam' 'dteam voms.cern.ch 15004 /DC=ch/DC=cern/OU=computers/CN=voms.cern.ch dteam'" VO_BIOMED_SW_DIR=$VO_SW_DIR/biomed VO_BIOMED_DEFAULT_SE=$CLASSIC_HOST VO_BIOMED_STORAGE_DIR=$CLASSIC_STORAGE_DIR/biomed VO_BIOMED_QUEUES="biomed" VO_BIOMED_VOMS_SERVERS="vomss://cclcgvomsli01.in2p3.fr:8443/voms/biomed?/biomed/" VO_BIOMED_VOMSES="biomed cclcgvomsli01.in2p3.fr 15000 /O=GRID-FR/C=FR/O=CNRS/OU=CC-LYON/CN=cclcgvomsli01.in2p3.fr biomed" VO_OPS_SW_DIR=$VO_SW_DIR/ops VO_OPS_DEFAULT_SE=$CLASSIC_HOST VO_OPS_STORAGE_DIR=$CLASSIC_STORAGE_DIR/ops VO_OPS_QUEUES="ops" VO_OPS_VOMS_SERVERS="vomss://voms.cern.ch:8443/voms/ops?/ops/" VO_OPS_VOMSES="'ops lcg-voms.cern.ch 15009 /C=CH/O=CERN/OU=GRID/CN=host/lcg-voms.cern.ch ops' 'ops voms.cern.ch 15009 /DC=ch/DC=cern/OU=computers/CN=voms.cern.ch ops'" # Blank is mandatory GRIDMAP_AUTH=" "This is how the resulting vomses files should look:
- http://dimou.web.cern.ch/dimou/lcg/voms/vomses_2007_1file_per_VO
(old and new voms.cern.ch cert. present. One of them is valid at any point in time.)
- http://dimou.web.cern.ch/dimou/lcg/voms/vomses_2007
Topic revision: r2 - 2006-12-18 - MariaDimou
LCG Wikis
- ABATBEA
- ACPP
- ADCgroup
- AEGIS
- AfricaMap
- AgileInfrastructure
- ALICE
- AliceEbyE
- AliceSPD
- AliceSSD
- AliceTOF
- AliFemto
- ALPHA
- Altair
- ArdaGrid
- ASACUSA
- AthenaFCalTBAna
- Atlas
- AtlasLBNL
- AXIALPET
- CAE
- CALICE
- CDS
- CENF
- CERNSearch
- CLIC
- Cloud
- CloudServices
- CMS
- Controls
- CTA
- CvmFS
- DB
- DefaultWeb
- DESgroup
- DPHEP
- DM-LHC
- DSSGroup
- EGEE
- EgeePtf
- ELFms
- EMI
- ETICS
- FIOgroup
- FlukaTeam
- Frontier
- Gaudi
- GeneratorServices
- GuidesInfo
- HardwareLabs
- HCC
- HEPIX
- ILCBDSColl
- ILCTPC
- IMWG
- Inspire
- IPv6
- IT
- ItCommTeam
- ITCoord
- ITdeptTechForum
- ITDRP
- ITGT
- ITSDC
- LAr
- LCG
- LCGAAWorkbook
- Leade
- LHCAccess
- LHCAtHome
- LHCb
- LHCgas
- LHCONE
- LHCOPN
- LinuxSupport
- Main
- Medipix
- Messaging
- MPGD
- NA49
- NA61
- NA62
- NTOF
- Openlab
- PDBService
- Persistency
- PESgroup
- Plugins
- PSAccess
- PSBUpgrade
- R2Eproject
- RCTF
- RD42
- RFCond12
- RFLowLevel
- ROXIE
- Sandbox
- SocialActivities
- SPI
- SRMDev
- SSM
- Student
- SuperComputing
- Support
- SwfCatalogue
- TMVA
- TOTEM
- TWiki
- UNOSAT
- Virtualization
- VOBox
- WITCH
- XTCA
 |
|
Copyright &© 2008-2023 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. or Ideas, requests, problems regarding TWiki? use Discourse or Send feedback