Problem Solving




o cert.fusiongrid.org down
o ==============================================

  Script myproxy-get-delegation fails
  
  Solution is to reference roam.fusiongrid.org 
    myproxy-get-delegation -s roam.fusiongrid.org

o roam.fusiongrid.org down
o ==============================================

  Authentication and authorization used by globus
  server and  mdsplus server will fail.

  Must update servers to use cert.fusiongrid.org

  File to update is on portal

   # On sunfire01; MUST be root
   cd /usr/pppl/fusiongrid/1.0-2/fusiongrid/local
   /bin/cp roam.env-mirror roam.env

o PPPL mail server not accessable
o ==============================================

 ---------------------------------------- 
  Error message will be: 
  Sent to:
    fusiongrid_support@pppl.gov
  Subject of message:
    Cron  cd /var/www/cgi-bin ; /usr/bin/python loadCert.py
  Error in message:
  Traceback (most recent call last):
  File "loadCert.py", line 28, in ?
  i = imaplib.IMAP4_SSL( 'mail.pppl.gov' )
  File "/usr/lib/python2.3/imaplib.py", line 1073, in __init__
    IMAP4.__init__(self, host, port)
  File "/usr/lib/python2.3/imaplib.py", line 157, in __init__
    self.open(host, port)
  File "/usr/lib/python2.3/imaplib.py", line 1085, in open
    self.sock.connect((host, port))
 ###############################################################
  File "", line 1, in connect
 socket.error: (111, 'Connection refused')
 ---------------------------------------- 


o FGCM@pppl.gov mailbox password has expired
o ==============================================

 -------------------------------------------
  Error message will be:
  Sent to:
    fusiongrid_support@pppl.gov
  Subject will be: (could also refer to loadCert.py)
    Cron  cd /var/www/cgi-bin ; /usr/bin/python renewalMail.py
  Error in message:
    error checking fgcm mailbox 
 -------------------------------------------

  Cert.fusiongrid.org (blackbird.pppl.gov) can not read  
  certificate requests or renewal mail from FGCM@pppl.gov  

  Must request Lena Scimeca update password
  

o FusionGrid certificate on blackbird expires
o ==============================================

 ---------------------------------------- 
  Error message is in log file but will be relayed
   via logwatch.
	From: 	root@pppl.gov
	Subject: 	LogWatch for blackbird.pppl.gov
	Date: 	August 1, 2008 4:02:03 AM EDT
	To: 	fusiongrid_support@pppl.gov
  Sent to:
    fusiongrid_support@pppl.gov
  Subject of message:
    LogWatch for blackbird.pppl.gov
  Error in message:
  A total of 2 unidentified 'other' records logged
    GET /cgi-bin/renew-Cert.py?cn=FusionGrid%20Certificate%20Manager%2010200 HTTP/1.1 with response code(s) 404 1 responses
    GET /cgi-bin/renewCert.py?cn=FusionGrid%20Certificate%20Manager%2010200 HTTP/1.1 with response code(s) 200 1 responses
 ---------------------------------------- 

  cert.fusiongrid.org can not enter user information into
    roam.fusiongrid.org

  This is the certificate in
    blackbird.pppl.gov:/var/www/Users/fgcm_cert.pem

  See "Updating Certificates" on getting replacement
  certificate.

o Expired user cannot renew certificate.
o ==============================================

  User gets a message that this username already taken.

  Solution is for user to get a new username or
  for us to remove the old username.  

  See 
http://w3.pppl.gov/transp/FusionGridCertificateManager/fusiongrid_internals.html

o User gets failure while renewing interactively
o ==============================================

  Have not completly resolved this.  This seems to be
  related to DOEgrids no longer giving a thirty day
  slack in renewing certificates.  Solution is to
  treat it as an expired user.