Cloudera Community

Archives of Support Questions (Read Only)

This is an archived board for historical reference. Information and links may no longer be available or relevant
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
This board is archived and read-only for historical reference. To ask a new question, please post a new topic on the appropriate active board.
Solved Go to solution

Kerberos is adding control (hidden) characters and a CNF (objectGUID) to the CN

Labels:
avatar
author-rank wgonzalez
Guru

Created ‎09-30-2015 03:28 PM

Trying to delete old Principals throws the following ERROR: 

2015-09-29 09:55:41,330 - Failed to remove identity for HTTP/somenode.mycompany.com@MYCOMPANY.COM from the KDC - Can not remove principal HTTP/somenode.mycompany.com@MYCOMPANY.COM: [LDAP: error code 1 - 000020D6: SvcErr: DSID-031007DB, problem 5012 (DIR_ERROR), data 0 
] 
..(bunch of these) 
Status: 
2015-09-29 09:55:40,851 - Processing identities... 
2015-09-29 09:55:41,268 - Destroying identity, HTTP/somenode.mycompany.com@MYCOMPANY.COM

Checking the AD, the principals that I tried to delete were still there, so obviously failed to be removed. However, in AD, it looks like for the bad principals, there is an additional CNF field and a control hidden character: 

distinguishedNameDN1CN=nm/somenode.mycompany.com\0ACNF:0158d56b-6e58-48f8-adf3-3429f820e6c5,OU=Hadoop,OU=DataCenter,OU=ServersV2,DC=mycompany,DC=com

This CNF field is the objectGUID. Is it normal to have an embedded CNF field (with a hidden character) in the CN? Thank you,

2,158 Views
1 ACCEPTED SOLUTION

avatar
author-rank rlevas
Guru

Created ‎09-30-2015 04:10 PM

It seems like the issue is what is described in When a Duplicate RDN in an OU or Container is Detected

View solution in original post

1,898 Views
2 REPLIES 2

avatar
author-rank rlevas
Guru

Created ‎09-30-2015 04:10 PM

It seems like the issue is what is described in When a Duplicate RDN in an OU or Container is Detected

1,899 Views

avatar
author-rank wgonzalez
Guru

Created ‎09-30-2015 05:06 PM

Good find. Thanks

1,898 Views
0 Kudos
Announcements
Community Announcements
Product Name Updates — Community Label Changes & Notificatio...
What's New @ Cloudera
Announcing Cloudera Data Lineage for Trino
What's New @ Cloudera
Announcing Cloudera Streaming Analytics Operator for Kuberne...
What's New @ Cloudera
Announcing Cloudera Data Services 1.5.5 SP2: AI Inference an...
What's New @ Cloudera
Announcing Cloudera Streams Messaging Operator for Kubernete...
View More Announcements