Hello, Does the account boss exists on the server machine? Did you use the account boss when you created the first user on the server? The account to which the DN will be mapped must exist on the machine where the mapping will be performed. In your case, it is the server machine.
I think this may help. Cheers, Hamza > hello, > I m in a very tough condition now while installing and configuring > GTkit 4.0.5. > I have installed GTK in a machine named pbs where PBS have been > configured. That machine will be the head node of a cluster. I have > made the Certificate authority in that machine itself. After that I > made a user in the same machine, made a usercert.pem and worked on it. > As that user i can do grid-url-cpy, gklobus-ws job submission using > fork as well as PBS. There is not error. Then I decided to make the > other machine as client which can submit job. So I installed gtk-4.0.5 > in that machine also. Made a hostkey.pem, hostcert.pem and all. i got > it signed from the pbs server where CA has been set up. I then made a > user and made the userkey and usercert and got it signed from the > globus user of pbs server. But when i tried adding the dn and ln of > that user which is in the client to the > /etc/grid-security/grid-mapfile file of the pbs server then the below > given error is coming. > # grid-mapfile-add-entry -dn > "/O=Grid/OU=Glob/OU=simple/OU=hcl.in/CN=boss" -ln boss > Modifying /etc/grid-security/grid-mapfile ... > entry not added because the LN(s) is/are not legitimate > But i can add the user in the grid-mapfile of the client machine. > Then when i tried to do the globus-url-copy from the user which is in > the client server named (boss), it gave the below given error. > $ globus-url-copy -vb gsiftp://pbs/etc/issue file:/tmp/fooSource: > gsiftp://pbs/etc/ > Dest: file:/tmp/ > issue -> foo > > error: globus_xio: Unable to open file /tmp/foo > globus_xio: System error in open: Permission denied > globus_xio: A system call failed: Permission denied > > can anyone help me. > Is that any step which i need to do in the client machine. > Please some one answer... > Dheeraj > >
