Hello Community,
I have a CDH 5.14 cluster hosted on EC2 machines which is kerberized with Active Directory and have Sentry for authorization of databases.
I want to use SSSD to secure my Linux hosts (RHEL 7.x) with Active Directory.
I have been going through this post but there are few queries which are bothering me to proceed forwards:
1. There are service-users (Hive, YARN, etc.) in AD that are already created during Kerberization of my cluster. So, if I go ahead and implement SSSD, then will these pre-existing service-users be able to communicate?
2. If something goes wrong will I be able to rollback? If yes, how?