How to reset the admin password set while enabling the kerberos.
Previously kerberos was enabled but we disabled it. When trying to again enable kerberos, admin username and password is required.
How to reset the password for this? Or is their any way to enable kerberos wirhout knowing the password?
Try this solution
1.create .ldif file, add the following line to the file, save & exit out:
2. note: you need to know the directory manager password run:
ldapmodify -h localhost -x -W -D "cn=directory manager" -f /root/test/krb_test.ldif
3. now reset the password through kadmin.local:
kadmin.local Authenticating as principal admin/admin@EXAMPLE.COM with password. kadmin.local: change_password -pw secret123 admin@EXAMPLE.COM Password for "admin@EXAMPLE.COM" changed. kadmin.local: q
4. Run this command to clear cache kdestroy
5. Run "kimit admin" to login KDC using new password
[root@bddec1v1-0019 ~]# kinit admin Password for admin@EXAMPLE.COM:
[root@bddec1v1-0019 ~]# klist Ticket cache:
Default principal: admin@EXAMPLE.COM
Valid starting Expires Service principal
[root@bddec1v1-0019 ~]# kadmin
Authenticating as principal self/admin@DOMAIN.TLD with password.
Password for self/admin@DOMAIN.TLD:
current privileges: GET ADD MODIFY DELETE
kadmin: cpw someuser
Enter password for principal "someuser@DOMAIN.TLD":
Re-enter password for principal "someuser@DOMAIN.TLD": P
assword for "someuser@DOMAIN.TLD" changed.
Your question seems to be unclear. Where are you looking to reset the admin password... from within the credentials stored in Ambari (if you enabled that) or within the KDC (or Active Directory, etc...)?
You cannot enable Kerberos without the credentials for some privileged user in the KDC unless you select the "manual" option, in which you will be responsible for the principal and keytab file creation and distribution.