Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Kinit :Cannot find KDC for realm "EXAMPLE.COM"

Kinit :Cannot find KDC for realm "EXAMPLE.COM"

New Contributor

First time i use EXAMPLE.COM as default KDC princple;

Install and Test Kerberos Client in

Enable Kerberos Wizard is ok

when i change it to MY.COM,it goes wrong at "

Test Kerberos Client", the fllowing is error details

stderr: /var/lib/ambari-agent/data/errors-2221.txt

Traceback (most recent call last):
  File "/var/lib/ambari-agent/cache/common-services/KERBEROS/1.10.3-10/package/scripts/service_check.py", line 81, in <module>
    KerberosServiceCheck().execute()
  File "/usr/lib/python2.6/site-packages/resource_management/libraries/script/script.py", line 280, in execute
    method(env)
  File "/var/lib/ambari-agent/cache/common-services/KERBEROS/1.10.3-10/package/scripts/service_check.py", line 64, in service_check
    user=params.smoke_user
  File "/usr/lib/python2.6/site-packages/resource_management/core/base.py", line 155, in __init__
    self.env.run()
  File "/usr/lib/python2.6/site-packages/resource_management/core/environment.py", line 160, in run
    self.run_action(resource, action)
  File "/usr/lib/python2.6/site-packages/resource_management/core/environment.py", line 124, in run_action
    provider_action()
  File "/usr/lib/python2.6/site-packages/resource_management/core/providers/system.py", line 273, in action_run
    tries=self.resource.tries, try_sleep=self.resource.try_sleep)
  File "/usr/lib/python2.6/site-packages/resource_management/core/shell.py", line 70, in inner
    result = function(command, **kwargs)
  File "/usr/lib/python2.6/site-packages/resource_management/core/shell.py", line 92, in checked_call
    tries=tries, try_sleep=try_sleep)
  File "/usr/lib/python2.6/site-packages/resource_management/core/shell.py", line 140, in _call_wrapper
    result = _call(command, **kwargs_copy)
  File "/usr/lib/python2.6/site-packages/resource_management/core/shell.py", line 293, in _call
    raise ExecutionFailed(err_msg, code, out, err)
resource_management.core.exceptions.ExecutionFailed: Execution of '/usr/bin/kinit -c /var/lib/ambari-agent/tmp/kerberos_service_check_cc_7189cb12a737530410cb3eaec88c4e01 -kt /etc/security/keytabs/kerberos.service_check.032117.keytab hadoop-032117@EXAMPLE.COM' returned 1. kinit: Cannot find KDC for realm "EXAMPLE.COM" while getting initial credentials

stdout: /var/lib/ambari-agent/data/output-2221.txt

Performing kinit using hadoop-032117@EXAMPLE.COM
2017-03-21 14:56:15,166 - Execute['/usr/bin/kinit -c /var/lib/ambari-agent/tmp/kerberos_service_check_cc_7189cb12a737530410cb3eaec88c4e01 -kt /etc/security/keytabs/kerberos.service_check.032117.keytab hadoop-032117@EXAMPLE.COM'] {'user': 'ambari-qa'}
2017-03-21 14:56:15,231 - File['/var/lib/ambari-agent/tmp/kerberos_service_check_cc_7189cb12a737530410cb3eaec88c4e01'] {'action': ['delete']}
 

Command failed after 1 tries

5 REPLIES 5

Re: Kinit :Cannot find KDC for realm "EXAMPLE.COM"

Super Mentor

@Elvis Zhang

Please check your "krb5.conf" file if it is pointing the correct KDC host & Realm? The default on you can find in "/etc/krb5.conf" on the hosts.

Also as you mentioned that you changed the realm name , so after that did you regenerate the keytabs?

Ambari UI --> Admin (Tab) --> Kerberos --> "Regenerate Keytabs"

Else the existing keytabs might be having old references. Still if it does not work then "Disable and then Enable" Kerberos should take care of this. But i guess regenerating keytabs should be ok.

Highlighted

Re: Kinit :Cannot find KDC for realm "EXAMPLE.COM"

New Contributor

Kerberos didn't sucess, there no "Regenerate Keytabs". i don't know how to regenrate hte keytabs?

Re: Kinit :Cannot find KDC for realm "EXAMPLE.COM"

Super Mentor

@Elvis Zhang

If it is fresh cluster then "Disable Kerberos" and "Enable Kerberos" should be of. Do you see those buttons present ? If those are also not present then it means that the kerberos installation is not yes completed to finalize stage. In that case you can close the current kerberos wizard (if it is already opened and then try enabling kerberos freshly)

Re: Kinit :Cannot find KDC for realm "EXAMPLE.COM"

New Contributor

yes i checked "/etc/krb5.conf", again ,nothing wrong ,from error text ,it means "*.keytabs" file used old "EXAMPLE.COM", I don't know how to update or rebuild the keytabs?

Re: Kinit :Cannot find KDC for realm "EXAMPLE.COM"

New Contributor

when i delete file

/etc/security/keytabs/kerberos.service_check.032117.keytab

another error occured like this:

stderr: /var/lib/ambari-agent/data/errors-2362.txt

Traceback (most recent call last):
  File "/var/lib/ambari-agent/cache/common-services/KERBEROS/1.10.3-10/package/scripts/service_check.py", line 81, in <module>
    KerberosServiceCheck().execute()
  File "/usr/lib/python2.6/site-packages/resource_management/libraries/script/script.py", line 280, in execute
    method(env)
  File "/var/lib/ambari-agent/cache/common-services/KERBEROS/1.10.3-10/package/scripts/service_check.py", line 72, in service_check
    raise Fail(err_msg)
resource_management.core.exceptions.Fail: Failed to execute kinit test due to principal or keytab not found or available

stdout: /var/lib/ambari-agent/data/output-2362.txt

Command failed after 1 tries
Don't have an account?
Coming from Hortonworks? Activate your account here