Community Articles
Find and share helpful community-sourced technical articles
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Advanced Search
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Datanode principal Kerberos issue

Labels (1)
Labels:
sshimpi
Guru

Created on ‎12-22-2016 01:39 PM

SYMPTOM: User has latest HDP integrated with kerberos.

While starting the datanode user gets the message: Login failure for dn/host1@EXAMPLE.NET from keytab /etc/security/keytabs/dn.service.keytab. But the principal is dn/host1.bc@EXAMPLE.NET

Where host1 is the hostname of the datanode host and

EXAMPLE.NET is the REALM name.

ERROR: The output of klist command is as below -

$klist -kt /etc/security/keytabs/dn.service.keytab 
Keytab name: FILE:/etc/security/keytabs/dn.service.keytab 
KVNO Timestamp Principal 
---- ------------------- ------------------------------------------------------ 
0 12/21/2016 10:38:13 dn/host1.bc@EXAMPLE.NET

In logs it shows - dn/host1@EXAMPLE.NET

Where as it should show - dn/host1.bc@EXAMPLE.NET

ROOT CAUSE: This is issue with entries in /etc/host file.

RESOLUTION: User has below entry in /etc/hosts file -

<ipaddress> <hostname> <FQDN> <FQDN> Now the order is changed to <ipaddress> <FQDN> <hostname> <FQDN>

Which resolved the issue.

74 Views
Don't have an account?
Register
Coming from Hortonworks? Activate your account here
Version history
Revision #:
1 of 1
Last update:
‎12-22-2016 01:39 PM
Updated by:
Guru sshimpi
 
View article history
Contributors
Top Kudoed Authors
View Full Leaderboard