Well, technically it need not be required as SSS encrupts all of it's transactions. However, I suspect that somewhere there is a check whether or not the TLS is enabled when ztn creds show up and, if not, they are discarded. Indeed, there are a lot of moving pieces here. The question is whether or not requiring TLS on the origin via SSS is the proper way of handling this. Andy On Thu, 22 Dec 2022, Bryan Hess wrote: > BINGO-- forcing the origin to use TLS was the missing piece of the puzzle, and my configuration now works as expected. I get the ztn credentials on the origin and am able to map them to a local unix user successfully with multiuser. > > Thank you both for your help! This setup has lots of moving parts, and the guidance of where to look was super valuable. Have a good holiday! > > -- > Reply to this email directly or view it on GitHub: > https://github.com/xrootd/xrootd/issues/1851#issuecomment-1362968857 > You are receiving this because you were mentioned. > > Message ID: ***@***.***> -- Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/issues/1851#issuecomment-1376543198 You are receiving this because you commented. Message ID: <[log in to unmask]> ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1