Resources for IT Professionals >
Forums Home
>
Windows HPC (High Performance Computing) Forums
>
Windows HPC Server Developers - General
>
SchedulerException: Permission Denied
SchedulerException: Permission Denied
- Hi,
A service runs under UserX account. It can make the following call without any problem:
var scheduler = new Scheduler(); scheduler.Connect(gridHeadNodeName);
but when it actually submits a job
scheduler.SubmitJob(schedulerJob, UserXDomainName, UserXPassword);
the follwoing exception is thrown:
The code worked last week and I'm wondering what rights disappeared that it stopped working. Any idea how I can figure out what rights are missing and how to add them?SchedulerException: Permission denied. at Microsoft.Hpc.Scheduler.Store.StoreServer.Task_AddTaskToJob(Int32 jobId, Int32& taskId, StoreProperty[] taskProps) at Microsoft.Hpc.Scheduler.Store.JobEx.CreateTask(StoreProperty[] taskProperties) at Microsoft.Hpc.Scheduler.SchedulerTask.CreateTask(IClusterJob job, Int32 rootGroupId, Dictionary`2 taskGroupIdMapping) at Microsoft.Hpc.Scheduler.SchedulerJob.CreateJob() at Microsoft.Hpc.Scheduler.SchedulerJob.Submit(ISchedulerStore store, String username, String password)
Thanks
Pawel
Answers
- Ok , I solved the problem.
This is a (.NET Reflector) code snippet from JobQueryContext.ValidateCaller
if (this._owner != ntIdentity.Name)
The comparison is case sensitive and the check actually passes for the following values:
{
if (!new WindowsPrincipal(ntIdentity).IsInRole(WindowsBuiltInRole.Administrator))
{
return new CallResult(-2147220981);
}
base._role = CallerRole.AdminUser;
}
DOMAIN\user and DOMAIN\USER. My user is not in Administrator role and that's why I got "Permission Denied" error message. I don't know how the data got out of sync with the data in AD. I fixed the casing and all works fine.
I consider this a bug as the comparison should be case-insensitive . Windows treats user names in case-insensitive way thus I don't see why HPCScheduler should more strict.
Thanks
Pawel- Marked As Answer byPawelPabich Thursday, May 21, 2009 5:54 AM
All Replies
- Ok , I solved the problem.
This is a (.NET Reflector) code snippet from JobQueryContext.ValidateCaller
if (this._owner != ntIdentity.Name)
The comparison is case sensitive and the check actually passes for the following values:
{
if (!new WindowsPrincipal(ntIdentity).IsInRole(WindowsBuiltInRole.Administrator))
{
return new CallResult(-2147220981);
}
base._role = CallerRole.AdminUser;
}
DOMAIN\user and DOMAIN\USER. My user is not in Administrator role and that's why I got "Permission Denied" error message. I don't know how the data got out of sync with the data in AD. I fixed the casing and all works fine.
I consider this a bug as the comparison should be case-insensitive . Windows treats user names in case-insensitive way thus I don't see why HPCScheduler should more strict.
Thanks
Pawel- Marked As Answer byPawelPabich Thursday, May 21, 2009 5:54 AM
- Hi Pawel
Thanks for root causing this for us! Yes, this is a bug in our code - we've checked this fix into the service pack branch, so it will be part of our SP1 release in a few weeks.
cheers
jeff
