Support Questions

davdop · ‎01-23-2025

Hello,

Im currently setting new cluster. When I try to start some role I get notifications that:
Role is missing Kerberos keytab. Go to the Kerberos Credentials page and click the Generate Missing Credentials button.

So I try to Generate Missing credentials and I got:

failed script:/opt/cloudera/cm/bin/merge_credentials.sh due to:/opt/cloudera/cm/bin/merge_credentials.sh failed with exit code 1 and output of <<
+ export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/usr/kerberos/bin:/usr/kerberos/sbin:/usr/lib/mit/sbin:/usr/sbin:/usr/lib/mit/bin:/usr/bin
+ PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/usr/kerberos/bin:/usr/kerberos/sbin:/usr/lib/mit/sbin:/usr/sbin:/usr/lib/mit/bin:/usr/bin
+ KEYTAB_OUT=/var/run/cloudera-scm-server/cmf-merged-out15742810764060677617.keytab
+ shift
+ ktutil
+ chmod 600 /var/run/cloudera-scm-server/cmf-merged-out15742810764060677617.keytab
chmod: cannot access '/var/run/cloudera-scm-server/cmf-merged-out15742810764060677617.keytab': No such file or directory

What am I missing here ?

davdop · ‎01-25-2025

I found a solution for this trouble. I removed kerberos DB with kdb5-util destroy and I recreate it again kdb5-util create -s.

Other thing what I found was that, when I firstly created admin cloudera principal I used cloudera-scm instead of cloudera-scm/admin. I am not sure if this could caused problem, but after destroying old DB and created cloudera-scm/admin, generating is working properly.

View solution in original post

DianaTorres · ‎01-23-2025

@davdop Welcome to the Cloudera Community!

To help you get the best possible solution, I have tagged our CDP experts @venkatsambath @abdulpasithali who may be able to assist you further.

Please keep us updated on your post, and we hope you find a satisfactory solution to your query.

Regards,

Diana Torres,
Community Moderator

Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.
Learn more about the Cloudera Community:
Community Guidelines
How to use the forum

shubham_sharma · ‎01-24-2025

Hi @davdop

Could you please check if you are able to run kadmin remotely from your Cloudera Manager host and manage KDC ? It looks like a communication issue with KDC server

davdop · ‎01-25-2025

Hello, @shubham_sharma

you mean use kadmin without .local ? I have KDC installed on different host than CM.

davdop · ‎01-25-2025

I found a solution for this trouble. I removed kerberos DB with kdb5-util destroy and I recreate it again kdb5-util create -s.

Other thing what I found was that, when I firstly created admin cloudera principal I used cloudera-scm instead of cloudera-scm/admin. I am not sure if this could caused problem, but after destroying old DB and created cloudera-scm/admin, generating is working properly.

Cloudera Community

Support Questions

Generate missing credetials - KDC

Error with Generate Missing Credentials CDP

Missing KDC administrator credentials. Please ente...

Datagen - Data Generator tool built for CDP

[CDH 5.8 Kerberos] Generate Missing Credentials Er...

One Way Trust - MIT KDC to Active Directory

Configure two Kerberos KDCs as a Master/Slave

while generating the missing credantial getting be...

Getting error when trying to Generate Missing Cred...

MergeRecord generates multiple files

Caused by: sun.security.krb5.KrbException: Generic...