Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Service Accounts Creation

Labels:
avatar
author-rank dsun author-rank
Expert Contributor

Created ‎05-31-2017 09:16 PM

During the Ambari installation, if all the hosts already integrated with AD via SSSD, and all the service accounts already available in AD, will Ambari still try to create those accounts locally?

1,740 Views
0
1 ACCEPTED SOLUTION

avatar
author-rank xin_wang
Contributor

Created ‎06-01-2017 08:26 PM

@dsun yes, you can.

First, you need to ensure those service accounts are created in the AD and the cluster hosts all connect to AD and those users are valid.

Second, set ignore_groupsusers_create=true in cluster-env.xml then start install HDP

View solution in original post

1,640 Views
0
3 REPLIES 3

avatar
author-rank xin_wang
Contributor

Created ‎06-01-2017 08:26 PM

@dsun yes, you can.

First, you need to ensure those service accounts are created in the AD and the cluster hosts all connect to AD and those users are valid.

Second, set ignore_groupsusers_create=true in cluster-env.xml then start install HDP

1,641 Views
0

avatar
author-rank bandarusridhar1
Guru

Created ‎06-01-2017 09:04 PM

@dsun

In addition to @xin.wang If all the accounts are created in AD/LDAP, if you are installing the services for the 1st time, while installing you get an option asking whether to Ambari to manage service accounts and UID's or skip managing. If you check on asking Ambari not to manage service accounts, it will automatically skip creation of local service accounts.

If Ambari is already installed now you are trying to add new service where service account in AD the run below command, which will set Ambari not create any users or groups locally:

/var/lib/ambari-server/resources/scripts/configs.sh
-u admin -p password -port 8080 set ambarihostserver.com clustername cluster-env ignore_groupsusers_create true

Hope this helped you.

1,640 Views

avatar
author-rank dsun author-rank
Expert Contributor

Created ‎06-01-2017 11:03 PM

Thanks for the comments, will try it out.

1,640 Views
0 Kudos
Announcements
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
What's New @ Cloudera
[RELEASED] Cloudera Streams Messaging - Kubernetes Operator ...
Community Announcements
February 2025 Community Highlights
What's New @ Cloudera
3 Benefits of External IDE Connectivity, Now Available in Cl...
What's New @ Cloudera
Performance comparison of Spark3 on YARN with S3 Standard VS...
View More Announcements