Support Questions
Find answers, ask questions, and share your expertise

centrify express user principal

Expert Contributor

I've configured centrify express for AD/Linux integration. I was able to login to linux machine using windows credentials. I had setup one way trust between AD & Local MIT KDC.

[root@master2 ~]# ssh rvchinta@master2

Red Hat Enterprise Linux Server release 6.4 (Santiago)

Kernel 2.6.32-358.el6.x86_64 on an x86_64

Password:

Last login: Sat Mar 4 07:22:34 2017 from 192.168.56.22

[rvchinta@master2 ~]$ klist

Ticket cache: FILE:/tmp/krb5cc_cdc201327698_saYNYF

Default principal: rvchinta@CHRSV.COM

Valid starting Expires Service principal

03/04/17 10:02:32 03/04/17 20:02:32 krbtgt/CHRSV.COM@CHRSV.COM

renew until 03/11/17 10:02:32

[rvchinta@master2 ~]$

when i access hadoop components it thinks my user name is rvchinta@CHRSV.COM.

Any idea how to handle this? i should be rvchinta but not rvchinta@CHRSV.COM.

thanks

1 ACCEPTED SOLUTION

Accepted Solutions

Re: centrify express user principal

Expert Contributor

I was able to resolve this by adding RULE:[1:$1@$0](.*@CHRSV.COM)s/@.*// in hadoop.seucirty.auth.local in hdfs

View solution in original post

2 REPLIES 2

Re: centrify express user principal

Expert Contributor

I was able to resolve this by adding RULE:[1:$1@$0](.*@CHRSV.COM)s/@.*// in hadoop.seucirty.auth.local in hdfs

View solution in original post

Re: centrify express user principal

This should have been automatically created for you if you entered CHRSV@COM in the "Additional Realms" box on the Configure Identities in the Enable Kerberos Wizard.

Assuming that you didn't do this, how was the krb5.conf file set up to acknowledge the trusted realm?