Alert.png The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

Dteam vo

From EGIWiki
Revision as of 12:55, 15 December 2010 by Pslizik (talk | contribs) (Removed superfluous spaces after backslashes - they were the cause of several tickets)
Jump to navigation Jump to search

Migration of the dteam VO from CERN to EGI VOMS (AUTH/NGI_GRNET)

  1. Sync dteam Greece with dteam CERN.
  2. Advise sites to add the new VOMS server to their configuration. They need to be told new site-info.def definitions to replace these:
VO_DTEAM_VOMS_SERVERS='vomss://voms.cern.ch:8443/voms/dteam?/dteam/' 

VO_DTEAM_VOMSES="\
'dteam lcg-voms.cern.ch 15004 \
/DC=ch/DC=cern/OU=computers/CN=lcg-voms.cern.ch dteam 24' \
'dteam voms.cern.ch 15004 \
/DC=ch/DC=cern/OU=computers/CN=voms.cern.ch dteam 24'"

and 

VO_DTEAM_VOMS_CA_DN="\
'/DC=ch/DC=cern/CN=CERN Trusted Certification Authority' \
'/DC=ch/DC=cern/CN=CERN Trusted Certification Authority'"

with these: 

VO_DTEAM_VOMS_SERVERS='vomss://voms.hellasgrid.gr:8443/voms/dteam?/dteam/' 

VO_DTEAM_VOMSES="\
'dteam lcg-voms.cern.ch 15004 \
/DC=ch/DC=cern/OU=computers/CN=lcg-voms.cern.ch dteam 24' \
'dteam voms.cern.ch 15004 \
/DC=ch/DC=cern/OU=computers/CN=voms.cern.ch dteam 24' \
'dteam voms.hellasgrid.gr 15004 \
/C=GR/O=HellasGrid/OU=hellasgrid.gr/CN=voms.hellasgrid.gr dteam 24' \
'dteam voms2.hellasgrid.gr 15004 \
/C=GR/O=HellasGrid/OU=hellasgrid.gr/CN=voms2.hellasgrid.gr dteam 24'"

and 

VO_DTEAM_VOMS_CA_DN="\
'/DC=ch/DC=cern/CN=CERN Trusted Certification Authority' \
'/DC=ch/DC=cern/CN=CERN Trusted Certification Authority' \
'/C=GR/O=HellasGrid/OU=Certification Authorities/CN=HellasGrid CA 2006' \
'/C=GR/O=HellasGrid/OU=Certification Authorities/CN=HellasGrid CA 2006'"

Note that CERN VOMS servers are to remain in the site configuration during this transitional phase. The new "lsc" files should be voms.hellasgrid.gr.lsc and voms2.hellasgrid.gr.lsc with the following contents, respectively: 

/C=GR/O=HellasGrid/OU=hellasgrid.gr/CN=voms.hellasgrid.gr
/C=GR/O=HellasGrid/OU=Certification Authorities/CN=HellasGrid CA 2006

/C=GR/O=HellasGrid/OU=hellasgrid.gr/CN=voms2.hellasgrid.gr
/C=GR/O=HellasGrid/OU=Certification Authorities/CN=HellasGrid CA 2006
  1. Sites also need an rpm containing the host cert(s) of the new VOMS server(s) at least for the WMS, while it still requires the certs of supported VOs. We could add those certs to lcg-vomscerts to smoothen the transition, but it may be better for EGI to control its own rpm. 11/10/2010 lcg-vomscerts has been already updated. Version 6.1.0 and later contains the new certs. Latest[1] as of 11/11/2010.
  1. Wait a bit (1 month sounds reasonable).
  1. Close registrations at CERN. service stop vomrs should do.
  1. Sync dteam Greace with dteam CERN.
  1. Advise new users to register with Greece.
  1. Remove CERN dteam.
  1. Advise sites to drop CERN dteam configuration.
Retrieved from "https://wiki.egi.eu/w/index.php?title=Dteam_vo&oldid=6937"