Due to security issues , I have enabled Kerberos for Hadoop HortonWorks.
All nodes were configured to be integrated with Active directory users using Samba.
I have created directory for each user on hdfs : /user/user1 ... , with all required permissions
However , user1 is unable to execute a yarn job.
So, I have asked to generate a keytab for user1 and then I have registered it on all namenodes and so user1 was able to execute jobs. But from a security way, this is not acceptable to create a keytab per user and also the password expire after 90 days ..
Is there any other options please? May I register the user with a service account instead?