URGENT: Enabling AD KDC on CDP 7.1.7

Expert Contributor

Hello,

 

I am in the process of setting up a CDP 7.1.7 cluster.

At the moment, CM 7.6.1 is installed and integrated with AD over the LDAPS protocol (had to select the authentication type as LDAP for the integration to work even though we have AD being used).

As the next step, I have added a few basic services, i.e. HDFS, YARN and ZooKeeper, and now I am enabling Kerberos.

At the Generating credentials step, it fails as shown in the attached screenshot.

[Screenshot: snm1523_0-1673995944778.png]

However, in the same window I noticed that CM is trying to connect to AD over the LDAP protocol on port 389. Ideally it should be connecting via LDAPS on 636, as we also have TLS configured and enabled. Not sure if this is even relevant.

 

From where does CM get the LDAP URL? I tried to understand the gen_credentials_ad.sh script at /opt/cloudera/cm/bin; however, I could not completely interpret it.

 

Please help, as this is a bit urgent.

 

Thanks

snm1523

1 ACCEPTED SOLUTION

Super Collaborator
This problem has been solved!

3 REPLIES 3

Expert Contributor

Thank you for the response @tj2007. We have ensured that the required permissions are assigned to the account that is provided to Cloudera to create principals.

 

We further tweaked some settings and, after a quick modification to the gen_credentials_ad.sh script (post discussion with Cloudera support), got past the error. However, we are now getting the error below:

 

[Screenshot: 514532AC-0CAA-4AEF-9B6B-EBB51A0C8DCD.jpeg]

We have scheduled a call later today with Cloudera once again to discuss this. However, if you are able to suggest something, it would be helpful.


Thanks

snm1523

Expert Contributor

Was able to get this fixed. We ultimately identified that some permissions for child objects had not been given yet. We got on a call with the AD team and asked for a screen share to validate the permissions, and then found that they were not assigned yet.

 

Thanks