I have setup kerberos and enabled in Ambari successfully on one environment but while trying the same on another environment I am facing issue while enabling kerberos. I have tried to store credentials using keytool, Rest API, checked kerberos descriptors but no luck. what else is left to check?
The values look correct, I guess you are running ubuntu that's why the path differs a bit from my centos ! Can you start the equivalent of these services and retry
service krb5kdc start service kadmin start
Can you share the screenshot of the parameters you are using in the Enabling kerberos wizard ?
Thanks for your response. I found the root cause of this issue in my case, Ambari was using Ambari master key for KDC admin credentials which was present at /var/lib/ambari-server/keys/credentials.jceks. I have taken backup of it and was able to work on 'Enable kerberos through Ambari UI'.
But that previous file is required at the time of ambari-server restart. So need to keep ambari-master key same as KDC admin key (password).
Thanks for your response. I found the root cause of the issue. Ambari was using its master's key in KDC admin credentials that is why it was giving "Missing KDC administrator credentials. Please enter admin principal and password". So I have removed that crendential file (PFA for this) and issue has been solved.
For others, you may need to keep ambari master key and KDC admin creds same, because that file is required at the time of ambari-server restart (if you have configured jceks).