VOMS2CSAgent

The VOMS2CSAgent extracts VO user information from VOMS servers.

It performs the following operations:

  • Extracts user info from the VOMS server using its REST interface

  • Finds user DN’s not yet registered in the DIRAC Registry

  • For each new DN it constructs a DIRAC login name by a best guess or using the nickname VOMS attribute

  • Registers new users to the DIRAC Registry including group membership

  • Updates information for already registered users, including group membership

  • Sends report for performed operation to the VO administrator

The agent is performing its operations with credentials of the VO administrator as defined in the /Registry/VO/<VO_name> configuration section.

The following options can be set for the VOMS2CSAgent.

VOMS2CSAgent options
VOMS2CSAgent
{
  #Time between cycles in seconds
  PollingTime = 14400
  MailFrom = noreply@dirac.system
  # If users will be added automatically
  AutoAddUsers = True
  # If users will be modified automatically
  AutoModifyUsers = True
  # Users no longer registered in VOMS are automatically deleted from DIRAC
  AutoDeleteUsers = True
  # If suspended status is lifted, if lifted in VOMS
  AutoLiftSuspendedStatus = True
  # Detailed report on users per group send to the VO administrator
  DetailedReport = True
  # Automatically create user home directory in the File Catalog
  MakeHomeDirectory = False
  # List of VO names
  VO = Any
  # Flag to turn to False if you want this agent to write in the CS (more granularity within other options)
  DryRun = True
  # Name of the plugin to validate or expand user's info. See :py:mod:`DIRAC.ConfigurationSystem.Client.SyncPlugins.DummySyncPlugin`
  SyncPluginName =
  # If set to true, will query the VO IAM server for the list of user, and print
  # a comparison of what is with VOMS
  CompareWithIAM = False
  # If set to true, will only query IAM and return the list of users from there
  UseIAM = False
  # If set to true only users with a nickname attribute defined in the IAM are created in DIRAC
  ForceNickname = False
}

Note

The options AutoAddUsers, AutoModifyUsers, AutoDeleteUsers can be overridden by the corresponding options defined in the /Registry/VO/<VO_name> configuration section.

class DIRAC.ConfigurationSystem.Agent.VOMS2CSAgent.VOMS2CSAgent(*args, **kwargs)

Bases: AgentModule

__init__(*args, **kwargs)

Defines default parameters

am_Enabled()
am_checkStopAgentFile()
am_createStopAgentFile()
am_getControlDirectory()
am_getCyclesDone()
am_getMaxCycles()
am_getModuleParam(optionName)
am_getOption(optionName, defaultValue=None)

Gets an option from the agent’s configuration section. The section will be a subsection of the /Systems section in the CS.

am_getPollingTime()
am_getShifterProxyLocation()
am_getStopAgentFile()
am_getWatchdogTime()
am_getWorkDirectory()
am_go()
am_initialize(*initArgs)

Common initialization for all the agents.

This is executed every time an agent (re)starts. This is called by the AgentReactor, should not be overridden.

am_removeStopAgentFile()
am_secureCall(functor, args=(), name=False)
am_setModuleParam(optionName, value)
am_setOption(optionName, value)
am_stopExecution()
beginExecution()
endExecution()
execute()
finalize()
initialize()

Initialize the default parameters