Cloudera Community

Archives of Support Questions (Read Only)

This is an archived board for historical reference. Information and links may no longer be available or relevant
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
This board is archived and read-only for historical reference. To ask a new question, please post a new topic on the appropriate active board.
Solved Go to solution

password incorrect

Labels:
avatar
author-rank amazon20062007
New Member

Created on ‎01-22-2017 10:06 AM - edited ‎09-16-2022 03:55 AM

After I "Enable Kerberos" I execute kinit, it reminds me to input password. But i do not set password for it.

4,823 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank jsensharma author-rank
Master Mentor

Created ‎01-22-2017 11:17 AM

@Zhao Chaofeng

Are you passing the keytab path to it?

Example:

Syntax:
kinit -kt  /PATH/TO/Keytab_file  $PRINCIPAL_NAME

Example:
kinit  -kt  /etc/security/keytabs/hdfs.headless.keytab  hdfs-ClusterDemo@EXAMPLE.COM

.

View solution in original post

4,280 Views
0 Kudos
5 REPLIES 5

avatar
author-rank jsensharma author-rank
Master Mentor

Created ‎01-22-2017 11:17 AM

@Zhao Chaofeng

Are you passing the keytab path to it?

Example:

Syntax:
kinit -kt  /PATH/TO/Keytab_file  $PRINCIPAL_NAME

Example:
kinit  -kt  /etc/security/keytabs/hdfs.headless.keytab  hdfs-ClusterDemo@EXAMPLE.COM

.

4,281 Views
0 Kudos

avatar
author-rank amazon20062007
New Member

Created ‎01-22-2017 01:44 PM

Yes, I kinit -kt first, and then execute kadmin.local.

4,280 Views
0 Kudos

avatar
author-rank amazon20062007
New Member

Created ‎01-23-2017 09:10 AM 

My operation is:
[root@bigdata013 centos]# kinit -kt /etc/security/keytabs/hdfs.headless.keytab hdfs-bigdata@ISTUARY.COM
[root@bigdata013 centos]# kinit hdfs-bigdata@ISTUARY.COM
Password for hdfs-bigdata@ISTUARY.COM: 
kinit: Password incorrect while getting initial credentials
4,280 Views
0 Kudos

avatar
author-rank jsensharma author-rank
Master Mentor

Created ‎01-23-2017 10:00 AM

@Zhao Chaofeng

Looks like your kinit was successful earlier when you run the command as it did not show any error. So i think the ticket was generated fine.

[root@bigdata013 centos]# kinit -kt /etc/security/keytabs/hdfs.headless.keytab hdfs-bigdata@ISTUARY.COM

After running the above command did you check the output of "klist" command to see if you got the kerberos ticket?

[root@bigdata013 centos]# klist

.

Example at my end:

# kinit  -kt  /etc/security/keytabs/hdfs.headless.keytab  hdfs-JoyCluster@EXAMPLE.COM 

# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: hdfs-JoyCluster@EXAMPLE.COM

Valid starting     Expires            Service principal
01/23/17 10:00:20  01/23/17 10:00:50  krbtgt/EXAMPLE.COM@EXAMPLE.COM
    renew until 01/23/17 10:00:20

.

4,280 Views
0 Kudos

avatar
author-rank amazon20062007
New Member

Created ‎01-23-2017 10:10 AM

Yes, I run the command success before, but it is not right when I run the command after I install LDAP.

Thank you, I will retry a minute.

4,280 Views
0 Kudos
Announcements
What's New @ Cloudera
Announcing Cloudera Streaming Analytics 1.17: Python UDFs, S...
Community Announcements
Content Update: Evolving Our Community Content for Better, A...
Community Announcements
Product Name Updates — Community Label Changes & Notificatio...
What's New @ Cloudera
Announcing Cloudera Data Lineage for Trino
What's New @ Cloudera
Announcing Cloudera Streaming Analytics Operator for Kuberne...
View More Announcements