I was able to run through the wizzard to configure kerberos on my cluster. I can see a bunch of accounts on AD created by the wizzard but none seem to work.
org.apache.hadoop.security.KerberosAuthException: Login failure for user: hdfs/xxxx-dev-cdh-dn1.domain.net@DOMAIN.NET from keytab hdfs.keytab javax.security.auth.login.LoginException: Unable to obtain password from user
I can login to Cloudera Manager fine with the AD users. But when I try to check the hdfs user Cloudera created in AD with the keytab it does not work. I can't find anything in your documentation that speak to this issue. Do I need to go update the password in AD and generate new keyfile or something?