having the same problem... we're not using the default password policy in my company...

did you find out how to make it generate more than 12 letter password?

nope. Still waiting reply from here.

By the way, how did you found out the password is 12 char long ?

when it's generating the paswords I saw that the password was always 12 chars...

anyway.. the "fix" for this is:

edit /usr/share/cmf/bin/gen_credentials_ad.sh

and swap out PASSWD=$4

with something like

PASSWD=${4}XyZxYz

this will generate a 12 char password + XyZxYz

ps. afaik Cloudera don't allow their customers to do this...

Hi, I wasn't notified of your reply.

I had the opportunity to talk to a Cloudera internal, and he said that upon principal creation, CM does not append any specific option for password lenght, because it is just asking krb to generate a random password for it.

So it just add -randkey. The guy says that any modificationt to the the lenght of a random password should be done on kerberos side, and it actually makes sense.

Question is: how to tell kerberos or AD the default size of the random-generated password ?

Can't find anything about it. I wasn't able to find anything like policy or defaults for this: there are specific options for minsize and maxsize, tough, but you have to append them when asking for principal.

Bye

O.