Exclusive Users for Storage Elements

Reserving write permissions on SE's to certain users

The SE discovery feature of AliEn identifies SEs based on a QoS field in their LDAP entry, which is a komma separated list of flags. By setting another field in an SE's LDAP entry, the so called exclusiveUsers, it is possbile to allow only certain users to write on that respective SE.

Once setting e.g. both the QoS and the exlusiveUsers field in the LDAP entry of the SE 'ALICE::PLUTO::SE' to 'aliprod', only the user 'aliprod' may write to that SE,

by setting it as a QoS flag with the number of required copies:

OutputArchive={”myArchive:file*@aliprod=3”};

or by specifying it directly:

OutputArchive={”myArchive:file*@ALICE::PLUTO::SE”};

If the exlusiveUsers field in an SE's LDAP entry is empty, everybody has the permission to write on that respective SE.

CERN Accelerating science

Exclusive Users for Storage Elements