Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

how to create new keytab if my previous keytab is expired?

Labels:
avatar
author-rank OmThakare
Explorer

Created on ‎02-04-2020 02:00 AM - last edited on ‎02-04-2020 06:14 AM by Community Manager Community Manager

how to create new keytab if my previous keytab is expired?

2,390 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank jsensharma author-rank
Master Mentor

Created ‎02-04-2020 02:27 AM

@OmThakare 
Are you managing keytabs/kerberos using Ambari?

If yes, then you can regenerate keytabs from Ambari UI. Ambari allows to either regenerate all keytabs or only for specific components on specific hosts.

 

Regenerating keytabs for all hosts in the cluster is a disruptive operation, and requires all components to be restarted. Optionally, keytabs can be regenerated only for missing hosts and components, and this operation requires selectively restarting those affected hosts and services.

 

https://docs.cloudera.com/HDPDocuments/Ambari-2.7.4.0/managing-and-monitoring-ambari/content/amb_reg...

.

If you are not not using Ambari to manage kerberos then  Following link describes How to create service principals and keytab files

https://docs.cloudera.com/HDPDocuments/HDP3/HDP-3.1.5/security-reference/content/kerberos_nonambari_...

 

View solution in original post

2,379 Views
0 Kudos
3 REPLIES 3

avatar
author-rank jsensharma author-rank
Master Mentor

Created ‎02-04-2020 02:27 AM

@OmThakare 
Are you managing keytabs/kerberos using Ambari?

If yes, then you can regenerate keytabs from Ambari UI. Ambari allows to either regenerate all keytabs or only for specific components on specific hosts.

 

Regenerating keytabs for all hosts in the cluster is a disruptive operation, and requires all components to be restarted. Optionally, keytabs can be regenerated only for missing hosts and components, and this operation requires selectively restarting those affected hosts and services.

 

https://docs.cloudera.com/HDPDocuments/Ambari-2.7.4.0/managing-and-monitoring-ambari/content/amb_reg...

.

If you are not not using Ambari to manage kerberos then  Following link describes How to create service principals and keytab files

https://docs.cloudera.com/HDPDocuments/HDP3/HDP-3.1.5/security-reference/content/kerberos_nonambari_...

 

2,380 Views
0 Kudos

avatar
author-rank OmThakare
Explorer

Created ‎02-04-2020 02:49 AM

I am using Ad kerberus and sentry for security.

2,374 Views
0 Kudos

avatar
author-rank OmThakare
Explorer

Created ‎04-29-2020 03:32 AM

no I am using CDH 5.13.3

2,295 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements