I am in process of setting up a CDP 7.1.7 cluster.
At the moment, CM 7.6.1 is installed and integrated to AD on LDAPS protocol (Had to select authentication type as LDAP for the integration to work even though we have AD being used).
Next step is I have added few basic services i.e. HDFS, YARN and Zookeeper and now I am enabling Kerberos.
At the step of Generating credentials it fails with attached screenshot.
However, in the same window I noticed that CM is trying to connect to AD on LDAP protocol on port 389. Ideally it should be connecting via LDAPS on 636 as we have TLS also configured and enabled. Not sure if this is even relevant.
From where does CM gets the LDAP URL? I tried to understand gen_credentials_ad.sh script at /opt/cloudera/cm/bin, however, did not completely interpret.
Please help as this is bit urgent.