Reply
Highlighted
New Contributor
Posts: 1
Registered: ‎05-24-2019

Enable Kerberos via Cloudera Manager wizard failed

[ Edited ]

Hi All,

 

Could someone please help me with the issue below. This happened when I am trying to enable kerberos using wizrd from CM

 



/opt/cloudera/cm/bin/import_credentials.sh failed with exit code 1 and output of << + export PATH=/usr/kerberos/bin:/usr/kerberos/sbin:/usr/lib/mit/sbin:/usr/sbin:/usr/lib/mit/bin:/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin + PATH=/usr/kerberos/bin:/usr/kerberos/sbin:/usr/lib/mit/sbin:/usr/sbin:/usr/lib/mit/bin:/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin + KEYTAB_OUT=/var/run/cloudera-scm-server/cmf8855603408704216973.keytab + USER=USERNAME-REDACTED + passwd=BUNDLE-REDACTED KVNO=1 + SLEEP=0 + RHEL_FILE=/etc/redhat-release + '[' -f /etc/redhat-release ']' + set +e + grep Tikanga /etc/redhat-release + '[' 1 -eq 0 ']' + '[' 0 -eq 0 ']' + grep 'CentOS release 5' /etc/redhat-release + '[' 1 -eq 0 ']' + '[' 0 -eq 0 ']' + grep 'Scientific Linux release 5' /etc/redhat-release + '[' 1 -eq 0 ']' + set -e + '[' -z /var/run/cloudera-scm-server/krb57376075517873221004.conf ']' + echo 'Using custom config path '\''/var/run/cloudera-scm-server/krb57376075517873221004.conf'\'', contents below:' + cat /var/run/cloudera-scm-server/krb57376075517873221004.conf + IFS=' ' + read -a ENC_ARR + for ENC in '"${ENC_ARR[@]}"' + echo 'addent -password -p USERNAME-REDACTED -k 1 -e rc4-hmac' + ktutil + '[' 0 -eq 1 ']' + echo PASSWORD-REDACTED + echo 'wkt /var/run/cloudera-scm-server/cmf8855603408704216973.keytab' + chmod 600 /var/run/cloudera-scm-server/cmf8855603408704216973.keytab + kinit -k -t /var/run/cloudera-scm-server/cmf8855603408704216973.keytab USERNAME-REDACTED kinit: Client 'USERNAME-REDACTED' not found in Kerberos database while getting initial credentials >>
Explorer
Posts: 25
Registered: ‎11-05-2018

Re: Enable Kerberos via Cloudera Manager wizard failed

Hi,

 

   Please show your Kerberos parameters in Cloudera Manager because it is hard to investigate something without that.

 

Regards

Posts: 1,111
Topics: 1
Kudos: 285
Solutions: 134
Registered: ‎04-22-2014

Re: Enable Kerberos via Cloudera Manager wizard failed

This post is pretty old, but we can say the following in case it helps others:

 

In the import_credentials.sh script output, we see the following error:

 

kinit: Client 'USERNAME-REDACTED' not found in Kerberos database while getting initial credentials

 

This is coming from the MIT Kerberos client, "kinit"

It means that the user principal provided does not exist in the KDC

 

Possible causes:

 

- The Admin user specified in the Kerberos wizard does not exist

- The wrong KDC is being used (check the krb5.conf)