Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Celebrating as our community reaches 100,000 members! Thank you!
Solved Go to solution

Kerberos authentication issue

avatar
author-rank aliyesami
Super Collaborator

Created ‎07-11-2017 09:09 PM

I am trying to get a ticket from Kerberos but its failing . I have created another keytab but no luck . 

[root@hadoop1 scripts]# klist -kte /etc/krb5.keytab | grep hdfs
   2 07/11/17 16:46:53 hdfs-fdot_hdc@TOLLS.DOT.STATE.FL.US (aes256-cts-hmac-sha1-96)
   2 07/11/17 16:46:53 hdfs-fdot_hdc@TOLLS.DOT.STATE.FL.US (aes128-cts-hmac-sha1-96)
   2 07/11/17 16:46:53 hdfs-fdot_hdc@TOLLS.DOT.STATE.FL.US (des3-cbc-sha1)
   2 07/11/17 16:46:53 hdfs-fdot_hdc@TOLLS.DOT.STATE.FL.US (arcfour-hmac)
[root@hadoop1 scripts]#
[root@hadoop1 scripts]# klist -kte  /etc/security/keytabs/hdfs.headless.keytab | grep hdfs
Keytab name: FILE:/etc/security/keytabs/hdfs.headless.keytab
   1 07/11/17 10:59:01 hdfs-fdot_hdc@TOLLS.DOT.STATE.FL.US (arcfour-hmac)
   1 07/11/17 10:59:01 hdfs-fdot_hdc@TOLLS.DOT.STATE.FL.US (des3-cbc-sha1)
   1 07/11/17 10:59:01 hdfs-fdot_hdc@TOLLS.DOT.STATE.FL.US (aes128-cts-hmac-sha1-96)
   1 07/11/17 10:59:01 hdfs-fdot_hdc@TOLLS.DOT.STATE.FL.US (aes256-cts-hmac-sha1-96)
   1 07/11/17 10:59:01 hdfs-fdot_hdc@TOLLS.DOT.STATE.FL.US (des-cbc-md5)
[root@hadoop1 scripts]#

[root@hadoop1 scripts]# kinit -kt /etc/security/keytabs/hdfs.headless.keytab hdfs-fdot_hdc@TOLLS.DOT.STATE.FL.US
kinit: Password incorrect while getting initial credentials
[root@hadoop1 scripts]#

[root@hadoop1 scripts]# kinit -kt /etc/krb5.keytab hdfs-fdot_hdc@TOLLS.DOT.STATE.FL.US
kinit: Password incorrect while getting initial credentials
[root@hadoop1 scripts]#
14,364 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank aliyesami
Super Collaborator

Created ‎07-11-2017 10:51 PM

this article fixed the issue. The key version number was mismatching between the keytab and the kdc . The keytab files must have been hanging around from previous installation .

https://cwiki.apache.org/confluence/display/AMBARI/Automated+Kerberization+Troubleshooting

View solution in original post

10,801 Views
0 Kudos
1 REPLY 1

avatar
author-rank aliyesami
Super Collaborator

Created ‎07-11-2017 10:51 PM

this article fixed the issue. The key version number was mismatching between the keytab and the kdc . The keytab files must have been hanging around from previous installation .

https://cwiki.apache.org/confluence/display/AMBARI/Automated+Kerberization+Troubleshooting

10,802 Views
0 Kudos
webinar banner
Announcements
Product Announcements
[ANNOUNCE] Cloudera on Public Cloud Runtime 7.2.18 is GA!
What's New @ Cloudera
Cloudera Operational Database (COD) supports enhancements to...
Community Announcements
March 2024 Community Highlights
Community Announcements
Celebrating 100,000 Members: A Journey of Growth and Connect...
Product Announcements
[ANNOUNCE] New Cloudera JDBC Connector for Apache Hive 2.6.2...
View More Announcements
meetups banner