Support Questions

Find answers, ask questions, and share your expertise

I hit this error while integration with Win AD, I tried to generate the service principals but the below error is a blocker

avatar
New Contributor

 

/opt/cloudera/cm/bin/gen_credentials_ad.sh failed with exit code 19 and output of <<
+ export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/usr/kerberos/bin:/usr/kerberos/sbin:/usr/lib/mit/sbin:/usr/sbin:/usr/lib/mit/bin:/usr/bin
+ PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/usr/kerberos/bin:/usr/kerberos/sbin:/usr/lib/mit/sbin:/usr/sbin:/usr/lib/mit/bin:/usr/bin
+ KEYTAB_OUT=/var/run/cloudera-scm-server/cmf2077611128110226334.keytab
+ PRINC=HTTP/vsrisdxxxxx.mastnd.cloudera.XXXXX.local@XXXXXXXX.LOCAL
+ USER=syzutmdaGr
+ PASSWD=REDACTED
+ DELETE_ON_REGENERATE=false
+ SET_ENCRYPTION_TYPES=false
+ ENC_TYPES_MASK=24
+ USERACCOUNTCONTROL=66048
+ ACCOUNTEXPIRES=0
+ OBJECTCLASSES='objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
'
+ DIST_NAME='CN=syzutmdaGr,OU=Cloudera-Accounts,OU=Accounts,OU=Teir 2,OU=Admin Teiring,DC=OneBank,DC=Local'
+ '[' -z /var/run/cloudera-scm-server/krb56173003423111410977.conf ']'
+ echo 'Using custom config path '\''/var/run/cloudera-scm-server/krb56173003423111410977.conf'\'', contents below:'
+ cat /var/run/cloudera-scm-server/krb56173003423111410977.conf
++ mktemp /tmp/cm_ldap.XXXXXXXX
+ LDAP_CONF=/tmp/cm_ldap.hyhwIy7R
+ echo 'TLS_REQCERT never'
+ echo 'sasl_secprops minssf=0,maxssf=0'
+ SIMPLE_PWD_STR=
+ LDAP_URL=
+ '[' '' = '' ']'
+ kinit -k -t /var/run/cloudera-scm-server/cmf4742668277818245032.keytab cloudera-bindacc-svc@ONEBANK.LOCAL
+ LDAP_URL=ldap://vswimdad01.onebank.local:389
++ ldapsearch -LLL -H ldap://vsxxxxxx.xxxxxxxxx.local:389 -b 'OU=Cloudera-Accounts,OU=Accounts,OU=Teir 2,OU=Admin Teiring,DC=OneBank,DC=Local' userPrincipalName=HTTP/vsrisdxxxxx.mastnd.cloudera.XXXXX.local@XXXXXXXX.LOCAL
SASL/GSS-SPNEGO authentication started
SASL username: cloudera-XXXXXX-svc@XXXXX.LOCAL
SASL SSF: 256
SASL data security layer installed.
+ PRINC_SEARCH=
++ echo ''
++ sed -n '1 {h; $ !d}; $ {x; s/\n //g; p}; /^ / {H; d}; /^ /! {x; s/\n //g; p}'
+ RESULTS_UNWRAPPED=
+ echo “”
+ set +e
+ echo
+ grep -q userPrincipalName
+ '[' 1 -eq 0 ']'
+ set -e
+ '[' false = true ']'
+ ldapmodify -H ldap://vsxxxxxxx.onebank.local:389
++ echo 'objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
'
++ sed /str/d
++ echo vsrisdxxxxx.mastnd.cloudera.XXXXX.local@XXXXXXXX.LOCAL
++ sed -e 's/\@XXXXXEBANK.LOCAL//g'
++ echo -n '"REDACTED"'
++ iconv -f UTF8 -t UTF16LE
++ base64 -w 0
SASL/GSS-SPNEGO authentication started
SASL username: cloudera-xxxxxxx-svc@XXXXBANK.LOCAL
SASL SSF: 256
SASL data security layer installed.
ldap_add: Constraint violation (19)
additional info: 000021C7: AtrErr: DSID-03200DF4, #1:
0: 000021C7: DSID-03200DF4, problem 1005 (CONSTRAINT_ATT_TYPE), data 0, Att 90303 (servicePrincipalName)k

 

1 REPLY 1

avatar

i am having the same error, can anyone help?