https://community.cloudera.com/t5/Archives-of-Support-Questions/Kerberos-change-password-is-not-working-from-kadmin-local/m-p/48552#M48723 <P>Issue fixed!!</P><P>&nbsp;</P><P>My bad!&nbsp;From our list of nodes, i know either node01 or node02&nbsp;has&nbsp;krb5-server. So I randomly pick the node01 and applied kadmin.local command, it worked, so started applying change password and endup with failure</P><P>&nbsp;</P><P>(Note: kadmin.local command is working in both node01 and node02).&nbsp;</P><P>&nbsp;</P><P>Latter realized node02 is our krb5-server from the below configuration. so login to node02 and delete &amp; recreated the principal. it is working fine now from all our nodes...</P><P>&nbsp;</P><P>cat /etc/krb5.conf<BR />[realms]<BR />*** = {<BR />kdc = node01:88<BR />kdc = node02:88<BR />admin_server = node02:749<BR />default_domain = ***<BR />max_renewable_life = 7d<BR />max_life = 7d<BR />}</P><P>&nbsp;</P><P>Thanks</P><P>Kumar</P> Wed, 14 Dec 2016 22:25:48 GMT saranvisa 2016-12-14T22:25:48Z https://community.cloudera.com/t5/Archives-of-Support-Questions/Kerberos-change-password-is-not-working-from-kadmin-local/m-p/48493#M48722 <P>One of our user lost her kerberos password and I am trying to reset the password using below steps</P><P>&nbsp;</P><P>kadmin.local:<BR />kadmin.local: change_password user@REALM.COM<BR />Enter password for principal "user@REALM.COM":<BR />Re-enter password for principal "user@REALM.COM":<BR />Password for "user@REALM.COM" changed.<BR />kadmin.local:q</P><P>&nbsp;</P><P>Trying to login with new password after that but getting the below error<BR />kinit user@REALM.COM<BR />Password for user@REALM.COM:<BR />kinit: Password incorrect while getting initial credentials</P><P>&nbsp;</P><P>So I drop the user principal using delprinc and recreated with new password but still getting the same error</P><P><BR />Then I've created a keytab and tried to access user using keytab, it is working<BR />kadmin.local:xst -norandkey -k /tmp/user.keytab user@REALM.COM</P><P>$kinit user@REALM.COM -k -t /tmp/user.keytab</P><P>&nbsp;</P><P>But the below command still shows the error.<BR />$kinit user@REALM.COM<BR />kinit: Password incorrect while getting initial credentials</P><P><BR />Can someone help me on this?</P><P>&nbsp;</P><P>Thanks</P><P>Kumar</P> Tue, 13 Dec 2016 21:46:03 GMT https://community.cloudera.com/t5/Archives-of-Support-Questions/Kerberos-change-password-is-not-working-from-kadmin-local/m-p/48493#M48722 saranvisa 2016-12-13T21:46:03Z https://community.cloudera.com/t5/Archives-of-Support-Questions/Kerberos-change-password-is-not-working-from-kadmin-local/m-p/48552#M48723 <P>Issue fixed!!</P><P>&nbsp;</P><P>My bad!&nbsp;From our list of nodes, i know either node01 or node02&nbsp;has&nbsp;krb5-server. So I randomly pick the node01 and applied kadmin.local command, it worked, so started applying change password and endup with failure</P><P>&nbsp;</P><P>(Note: kadmin.local command is working in both node01 and node02).&nbsp;</P><P>&nbsp;</P><P>Latter realized node02 is our krb5-server from the below configuration. so login to node02 and delete &amp; recreated the principal. it is working fine now from all our nodes...</P><P>&nbsp;</P><P>cat /etc/krb5.conf<BR />[realms]<BR />*** = {<BR />kdc = node01:88<BR />kdc = node02:88<BR />admin_server = node02:749<BR />default_domain = ***<BR />max_renewable_life = 7d<BR />max_life = 7d<BR />}</P><P>&nbsp;</P><P>Thanks</P><P>Kumar</P> Wed, 14 Dec 2016 22:25:48 GMT https://community.cloudera.com/t5/Archives-of-Support-Questions/Kerberos-change-password-is-not-working-from-kadmin-local/m-p/48552#M48723 saranvisa 2016-12-14T22:25:48Z