Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Failed to enable Kerberos using Direct Active Directory using CDH 5.9.0

Labels:
avatar
author-rank zhuw.bigdata
Expert Contributor

Created ‎12-05-2016 08:05 PM

Reference:

 
My question is how to configure AD OU admin user. This user has to have permissions to modify LDAP also. I just can't find anything on this. I got permission denied on ldapadd when generating the keytabs. Could someone help me on how to set this user up in both AD domain  and AD LDAP?
1,895 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank zhuw.bigdata
Expert Contributor

Created ‎12-23-2016 12:07 PM

Found this useful link:

https://www.cloudera.com/documentation/enterprise/latest/topics/cm_sg_s3_cm_principal.html

 

If you are using Active Directory:

  1. Create an Organizational Unit (OU) in your AD setup where all the principals used by your CDH cluster will reside.
  2. Add a new user account to Active Directory, for example, <username>@YOUR-REALM.COM. The password for this user should be set to never expire.
  3. Use AD's Delegate Control wizard to allow this new user to Create, Delete and Manage User Accounts.

View solution in original post

1,826 Views
0 Kudos
1 REPLY 1

avatar
author-rank zhuw.bigdata
Expert Contributor

Created ‎12-23-2016 12:07 PM

Found this useful link:

https://www.cloudera.com/documentation/enterprise/latest/topics/cm_sg_s3_cm_principal.html

 

If you are using Active Directory:

  1. Create an Organizational Unit (OU) in your AD setup where all the principals used by your CDH cluster will reside.
  2. Add a new user account to Active Directory, for example, <username>@YOUR-REALM.COM. The password for this user should be set to never expire.
  3. Use AD's Delegate Control wizard to allow this new user to Create, Delete and Manage User Accounts.
1,827 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements