Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

how to create new keytab if my previous keytab is expired?

Solved Go to solution
Highlighted

how to create new keytab if my previous keytab is expired?

New Contributor

how to create new keytab if my previous keytab is expired?

1 ACCEPTED SOLUTION

Accepted Solutions

Re: how to create new keytab if my previous keytab is expired?

Super Mentor

@OmThakare 
Are you managing keytabs/kerberos using Ambari?

If yes, then you can regenerate keytabs from Ambari UI. Ambari allows to either regenerate all keytabs or only for specific components on specific hosts.

 

Regenerating keytabs for all hosts in the cluster is a disruptive operation, and requires all components to be restarted. Optionally, keytabs can be regenerated only for missing hosts and components, and this operation requires selectively restarting those affected hosts and services.

 

https://docs.cloudera.com/HDPDocuments/Ambari-2.7.4.0/managing-and-monitoring-ambari/content/amb_reg...

.

If you are not not using Ambari to manage kerberos then  Following link describes How to create service principals and keytab files

https://docs.cloudera.com/HDPDocuments/HDP3/HDP-3.1.5/security-reference/content/kerberos_nonambari_...

 

View solution in original post

2 REPLIES 2

Re: how to create new keytab if my previous keytab is expired?

Super Mentor

@OmThakare 
Are you managing keytabs/kerberos using Ambari?

If yes, then you can regenerate keytabs from Ambari UI. Ambari allows to either regenerate all keytabs or only for specific components on specific hosts.

 

Regenerating keytabs for all hosts in the cluster is a disruptive operation, and requires all components to be restarted. Optionally, keytabs can be regenerated only for missing hosts and components, and this operation requires selectively restarting those affected hosts and services.

 

https://docs.cloudera.com/HDPDocuments/Ambari-2.7.4.0/managing-and-monitoring-ambari/content/amb_reg...

.

If you are not not using Ambari to manage kerberos then  Following link describes How to create service principals and keytab files

https://docs.cloudera.com/HDPDocuments/HDP3/HDP-3.1.5/security-reference/content/kerberos_nonambari_...

 

View solution in original post

Highlighted

Re: how to create new keytab if my previous keytab is expired?

New Contributor

I am using Ad kerberus and sentry for security.

Don't have an account?
Coming from Hortonworks? Activate your account here