Support Questions

BrianChan · ‎05-02-2023

Hi all,

I have a cluster in CDP version 7.1.8 private cloud base. The Cloudera Management service show bad health and indicate that the connection to KDC server is not available.

I can regenerate missing credentials under Administration > Security > Kerberos Credentials

Moreover, I can do kinit in the CM server host. Therefore I have no idea why the connection shows failure.

Please let me know if I should provide further information. Thank you.

BrianChan · ‎05-09-2023

I finally managed to solve the problem by switching the OpenJDK version from 8u362 to 8u232.

However, is OpenJDK 8u232 the only version that support when working on CDP 7.1.8 with Kerberos enabled?

Could someone clarify it for me please? Thank you.

View solution in original post

hardik2909 · ‎02-01-2024

@venkatsambath
I was able to resolve the error by adding all supported kerberos Encryption Types instead of only default 'rc4-hmac'.
FYI added : rc4-hmac aes256-cts aes128-cts des-cbc-crc des-cbc-md5

View solution in original post

BrianChan · ‎05-03-2023

From the system log, I found error saying unsupported Keytype. I am using OpenJDK 8u332.

Do anyone know how to solve this? Thank you.

BrianChan · ‎05-09-2023

I finally managed to solve the problem by switching the OpenJDK version from 8u362 to 8u232.

However, is OpenJDK 8u232 the only version that support when working on CDP 7.1.8 with Kerberos enabled?

Could someone clarify it for me please? Thank you.

hardik2909 · ‎01-25-2024

I am seeing the same issue and cant seem to find a way around it on Private Cloud Base 7.1.9 with AD based kerberos.
JAVA SE jdk11 and krb5.conf is set according to https://docs.cloudera.com/cdp-private-cloud-base/7.1.8/security-kerberos-authentication/topics/cm-se...

CMSERVER:<fqdn>: KDC Server Connection is not available. Unable to login.

Appreciate any help I can get to resolve this error.

Thank you!

venkatsambath · ‎01-26-2024

Can you share the exact error you notice in CM server log around the timeframe in which you notice the error 'CMSERVER:<fqdn>: KDC Server Connection is not available. Unable to login.', the full exception from cm server log will help to understand the issue better.

hardik2909 · ‎02-01-2024

@venkatsambath
I was able to resolve the error by adding all supported kerberos Encryption Types instead of only default 'rc4-hmac'.
FYI added : rc4-hmac aes256-cts aes128-cts des-cbc-crc des-cbc-md5

DianaTorres · ‎01-30-2024

@hardik2909 If you are still experiencing the issue, can you provide the information @venkatsambath has requested? Thanks.

Regards,

Diana Torres,
Community Moderator

Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.
Learn more about the Cloudera Community:
Community Guidelines
How to use the forum

Aqdas · ‎05-14-2024

Hi @DianaTorres ,

I am facing the same issue. Can you please connect me with someone who can help me resolve this issue?

Thanks

DianaTorres · ‎05-15-2024

@Aqdas Welcome to the Cloudera Community!

To help you get the best possible solution, I have tagged our Kerberos experts @venkatsambath @james_jones @pajoshi who may be able to assist you further.

Regards,

Diana Torres,
Community Moderator

Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.
Learn more about the Cloudera Community:
Community Guidelines
How to use the forum