How does Ambari automatically create service principals and user principals?
I am not an expert in Java and hence I would be greatly thankful to anyone who can point out the code in github or somewhere which provides me the commands used in the code to create service principals, user principals and keytabs when Windows AD is used as KDC
Thanks for your time
Ambari pretty much does what the following article shows - How to create AD principal accounts using OpenLdap utilities and adding it to a keytab.
Using the Active Directory's LDAP interface (via JNDI) an account is created with the relevant attributes set (same ones from the article). The password for the account is randomly generated by Ambari so it can internally create the keytab file for that account. Finally the keytab file is distributed to the relevant host(s).
The AD-specific logic to create the Kerberos principals is in the ADKerberosOperationHandler class. This extends the KerberosOperationHandler class which contains most of the logic used to create the keytab files.