I need to kerberize the cluster using Active Directory.
I want Cloudera Manager to manage all the principals for me, so I need to create a principal for it in AD for it to create other principals needed.
So far so good, but the company is asking a specific password length. So the question is:
How can I tell Cloudera Manager the password length of the principal to be created in Active Directory ? What is the default configuration ?
I found on this page that using /minpass and /maxpass you can set the length of the random-generated password: how can I pass something like this to CM ?
having the same problem... we're not using the default password policy in my company...
did you find out how to make it generate more than 12 letter password?
when it's generating the paswords I saw that the password was always 12 chars...
anyway.. the "fix" for this is:
and swap out PASSWD=$4
with something like
this will generate a 12 char password + XyZxYz
ps. afaik Cloudera don't allow their customers to do this...
Hi, I wasn't notified of your reply.
I had the opportunity to talk to a Cloudera internal, and he said that upon principal creation, CM does not append any specific option for password lenght, because it is just asking krb to generate a random password for it.
So it just add -randkey. The guy says that any modificationt to the the lenght of a random password should be done on kerberos side, and it actually makes sense.
Question is: how to tell kerberos or AD the default size of the random-generated password ?
Can't find anything about it. I wasn't able to find anything like policy or defaults for this: there are specific options for minsize and maxsize, tough, but you have to append them when asking for principal.