Checking and changing the ROAM server
Introduction
Both MDSplus and Globus use the ROAM server to authenticate users. If a user is not in the ROAM database
or does not have the proper authorization, MDSplus will give an error and Globus will fail over to the
/etc/grid-security/grid-mapfile
for authentication. The primary server is roam.fusiongrid.org.
The mirror server is cert.fusiongrid.org/roam.php.
To check if ROAM server is working
# On transpgrid as randerso
module purge
export MDSPLUS_DIR=/usr/pppl/fusiongrid/1.0-2/fusiongrid
export setup_file=/p/fusiongrid/mdsplus_info/envsyms_roam
source $MDSPLUS_DIR/setup.sh
CN="/DC=org/DC=FusionGrid/OU=People/CN=Lewis Elvin Randerson 210592"
com="check_access_jobmanager('$CN')"
# Find out what server now default
echo $ROAM_SERVER
roam.fusiongrid.org
# Test server
$ echo "$com" | tditest
check_access_jobmanager('/DC=org/DC=FusionGrid/OU=People/CN=Lewis Elvin Randerson 210592')
"pshr0006"
# Test mirror server
$ export ROAM_SERVER=cert.fusiongrid.org/roam.php
$ echo "$com" | tditest
check_access_jobmanager('/DC=org/DC=FusionGrid/OU=People/CN=Lewis Elvin Randerson 210592')
"pshr0006"
To change ROAM server
# On transpgrid as root
cd /usr/pppl/fusiongrid/1.0-2/fusiongrid/local
# Determine which server is active
/bin/grep ROAM_SERVER roam.env{,-primary,-mirror}
roam.env:ROAM_SERVER cert.fusiongrid.org/roam.php
roam.env-primary:ROAM_SERVER roam.fusiongrid.org
roam.env-mirror:ROAM_SERVER cert.fusiongrid.org/roam.php
# Update (in this case go back to primary}
/bin/cp -i roam.env-primery roam.env