Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Check out our newest addition to the community, the Cloudera Data Analytics (CDA) group hub.
Solved Go to solution

how to create new keytab if my previous keytab is expired?

Labels:
OmThakare
Explorer

Created on ‎02-04-2020 02:00 AM - last edited on ‎02-04-2020 06:14 AM by Community Manager Community Manager

how to create new keytab if my previous keytab is expired?

1,286 Views
0 Kudos
1 ACCEPTED SOLUTION

jsensharma
Super Mentor

Created ‎02-04-2020 02:27 AM

@OmThakare 
Are you managing keytabs/kerberos using Ambari?

If yes, then you can regenerate keytabs from Ambari UI. Ambari allows to either regenerate all keytabs or only for specific components on specific hosts.

 

Regenerating keytabs for all hosts in the cluster is a disruptive operation, and requires all components to be restarted. Optionally, keytabs can be regenerated only for missing hosts and components, and this operation requires selectively restarting those affected hosts and services.

 

https://docs.cloudera.com/HDPDocuments/Ambari-2.7.4.0/managing-and-monitoring-ambari/content/amb_reg...

.

If you are not not using Ambari to manage kerberos then  Following link describes How to create service principals and keytab files

https://docs.cloudera.com/HDPDocuments/HDP3/HDP-3.1.5/security-reference/content/kerberos_nonambari_...

 

View solution in original post

1,275 Views
0 Kudos
3 REPLIES 3

jsensharma
Super Mentor

Created ‎02-04-2020 02:27 AM

@OmThakare 
Are you managing keytabs/kerberos using Ambari?

If yes, then you can regenerate keytabs from Ambari UI. Ambari allows to either regenerate all keytabs or only for specific components on specific hosts.

 

Regenerating keytabs for all hosts in the cluster is a disruptive operation, and requires all components to be restarted. Optionally, keytabs can be regenerated only for missing hosts and components, and this operation requires selectively restarting those affected hosts and services.

 

https://docs.cloudera.com/HDPDocuments/Ambari-2.7.4.0/managing-and-monitoring-ambari/content/amb_reg...

.

If you are not not using Ambari to manage kerberos then  Following link describes How to create service principals and keytab files

https://docs.cloudera.com/HDPDocuments/HDP3/HDP-3.1.5/security-reference/content/kerberos_nonambari_...

 

1,276 Views
0 Kudos

OmThakare
Explorer

Created ‎02-04-2020 02:49 AM

I am using Ad kerberus and sentry for security.

1,270 Views
0 Kudos

OmThakare
Explorer

Created ‎04-29-2020 03:32 AM

no I am using CDH 5.13.3

1,191 Views
0 Kudos
Take a Tour of the Community
Don't have an account?
Register
Your experience may be limited. Sign in to explore more.
Announcements
Product Announcements
CDP Public Cloud: May 2023 Release Summary
What's New @ Cloudera
Cloudera Operational Database (COD) provides enhancements to the --scale-type CDP CLI option
What's New @ Cloudera
Cloudera Operational Database (COD) UI supports creating a smaller cluster using a predefined Data Lake template
What's New @ Cloudera
Cloudera Operational Database (COD) supports scaling up the clusters vertically
Product Announcements
CDP Public Cloud: April 2023 Release Summary
View More Announcements