I have a problem with Hive View in Kerberized HDP 2.5 cluster. I have configured one-way trust with AD. When I try to access to Hive View as "admin" user:
User: HADOOP_User10 is not allowed to impersonate admin
I know I can solve this by adding proxyuser.HADOOP_User10 but this user is not a technical user and he should not be allowed to impersonate anyone. How can I change the user HADOOP_User10 to "hive" or "root" which is more secure? Below is my Hive View configuration:
The strange thing is that, when I run "kadmin" as root on KDC host, it tries to Authenticate me as HADOOP_User10/admin@HADOOP.COM. I solved it by deleting cache file /tmp/krb5cc_... containg HADOOP_User10.
the error message, it seems that the Hive View was accessed by
'HADOOP_User10' and he tried to run some command as 'admin' user.
kadmin program always tries to use the user in the current credential
cache, if that is empty it will try to use
'<current-shell-user>/admin@REALM' format to 'guess' your admin
user name. Hence you are seeing that. You can change that by specifying
"-p <principal>" at the command line.