Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Hadoop HortonWorks: how to manage kerberos settings for Active Directory users

Highlighted

Hadoop HortonWorks: how to manage kerberos settings for Active Directory users

Explorer

Dear Community,

 

Due to security issues , I have enabled Kerberos for Hadoop HortonWorks.

All nodes were configured to be integrated with Active directory users using Samba.

I have created directory for each user on hdfs : /user/user1 ... , with all required permissions 

However , user1 is unable to execute a yarn job.

So, I have asked to generate a keytab for user1 and  then I have registered it on all namenodes and so user1 was able to execute jobs. But from a security way, this is not acceptable to create a keytab per user and also the password expire after 90 days ..

Is there any other options please? May I register the user with a service account instead?

 

Thank you in advance

Asma

 

Don't have an account?
Coming from Hortonworks? Activate your account here