![]() |
|||
![]() |
![]() ![]() |
![]() |
![]() ![]() |
![]() |
![]() ![]() |
![]() |
| ||||||||||||||||||||||||||
Appendix BUser Management For N1GE on Windows HostsOverviewEvery user of the N1GE execution environment of a Windows machine must have a user account. User accounts contain information about the user, including name, password, various optional entries that determine when and how users log on. and how their desktop settings are stored. Following sections describe how you would use Windows user management to support N1GE. Windows machines are referred to here using three different terms. The following table lists the terms and the operating systems which might run on each corresponding host:
Managing Users on Windows HostsIt is possible to administer user accounts on all Windows hosts individually. Each Windows Host has an authentication centre which validates usernames and corresponding user rights. User accounts which are defined on a Windows workstation are referred to here as local user accounts or local users. Each Windows Host has it's own local domain and each Windows Server has the ability to make that domain available to other hosts. Account names within a local domain and account names within a server domain can collide. To avoid such collisions, you must specify the correct user account by providing the domain name as a prefix to the user account name followed by a '+' character. Windows User ExampleThe following is an example that illustrates the potential complexity of Windows host accounts interacting with Windows Domain accounts. Suppose Windows Workstation host named CRUNCH has a local user account named Peter. This Windows Workstation is part of the domain named ENGINEERING. This domain is provided by a Windows Server which also has a user account named Peter. In this example, the ENGINEERING domain is the default domain of the host named CRUNCH. The following table shows the possible results of what would happen if a person tried to login to CRUNCH. Table B-1 Using Domain Accounts
Each domain has a special user account providing super user access. The default name for that account is Administrator. Only this Administrator can start applications on behalf of other user accounts without needing to know the Windows password for each account. So, a local administrator can start applications for local users and a domain administrator can run processes under the account of domain users. UNIX User ManagementUNIX has no equivalent to the Windows domain concept. Win UNIX, each user has a local account and is authenticated as a local account even if the underlaying account information lies on a LDAP or NIS server. The UNIX super user (root) is similar to the local Windows super user (Administrator). The UNIX super user can start applications and processes on behalf UNIX accounts without knowing each corresponding password. Using N1GE in a Microsoft Windows EnvironmentThe N1GE execution environment has to start jobs on behalf of the submitting user. The execution daemon (sge_execd) on UNIX hosts runs as the user root so it can start jobs on behalf of all users. On Windows Hosts the execution daemon runs as the local Administrator user so it can start jobs for local users without knowing their passwords. However, to start a job for a domain user, the execution daemon needs the password for that domain user. To facilitate this process, each user with a domain account needs to have their corresponding Windows password registered with N1GE. Registering Windows Domain User PasswordsDomain users who want to start N1GE jobs on Windows execution hosts register their Windows passwords with N1GE using the sgepasswd client application. The following example shows Peter who has a user account in the domain ENGINEERING registering his Windows password.
Using the sgepasswd Commandsgepasswd modifies the Grid Engine password file (sgepasswd(5).) This file contains a list of usernames and their Windows passwords in encrypted form. You can use the sgepasswd to add a new entry for your user account or change your existing password. Additionally, the root user can change or delete the password entries for other user accounts. sgepasswd is only available on non-Windows hosts. It has the following syntax:
This command has these options:
Additionally, The following environment variables affect the operation of this command.
| ||||||||||||||||||||||||||
| ||||||||||||||||||||||||||
![]() |