Support Questions

Hi , I am running into a problem .

i have  CDH cluster(kerberized cluster )  on unix and ETL client on windows .

so to authenticate i have installed kerberos client on on window and generate the ticket for my user .

but while running a job i am getting 

Starting job testjob at 18:40 16/02/2017.

[statistics] connecting to socket on port 3487
[statistics] connected
[WARN ]: org.apache.hadoop.util.NativeCodeLoader - Unable to load native-hadoop library for your platform... using builtin-java classes where applicable
Exception in component tHDFSOutput_1
java.io.IOException: failure to login
at org.apache.hadoop.security.UserGroupInformation.loginUserFromSubject(UserGroupInformation.java:823)
at org.apache.hadoop.security.UserGroupInformation.getLoginUser(UserGroupInformation.java:760)
at org.apache.hadoop.security.UserGroupInformation.getCurrentUser(UserGroupInformation.java:633)
at org.apache.hadoop.fs.FileSystem$Cache$Key.<init>(FileSystem.java:2859)
at org.apache.hadoop.fs.FileSystem$Cache$Key.<init>(FileSystem.java:2851)
at org.apache.hadoop.fs.FileSystem$Cache.get(FileSystem.java:2714)
at org.apache.hadoop.fs.FileSystem.get(FileSystem.java:382)
at org.apache.hadoop.fs.FileSystem.get(FileSystem.java:181)
at local_project.testjob_0_1.testjob.tFixedFlowInput_1Process(testjob.java:709)
at local_project.testjob_0_1.testjob.tHDFSConnection_1Process(testjob.java:419)
at local_project.testjob_0_1.testjob.runJobInTOS(testjob.java:1156)
at local_project.testjob_0_1.testjob.main(testjob.java:990)
Caused by: javax.security.auth.login.LoginException: java.lang.IllegalArgumentException: Illegal principal name 25761081@PROD.GLOBAL.COM: org.apache.hadoop.security.authentication.util.KerberosName$NoMatchingRule: No rules applied to 25761081@PROD.GLOBAL.COM
[FATAL]: local_project.testjob_0_1.testjob - tHDFSOutput_1 failure to login
at org.apache.hadoop.security.UserGroupInformation$HadoopLoginModule.commit(UserGroupInformation.java:199)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at javax.security.auth.login.LoginContext.invoke(Unknown Source)
at javax.security.auth.login.LoginContext.access$000(Unknown Source)
at javax.security.auth.login.LoginContext$4.run(Unknown Source)
at javax.security.auth.login.LoginContext$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(Unknown Source)
at javax.security.auth.login.LoginContext.login(Unknown Source)
at org.apache.hadoop.security.UserGroupInformation.loginUserFromSubject(UserGroupInformation.java:798)
... 11 more
Caused by: java.lang.IllegalArgumentException: Illegal principal name 25761081@PROD.GLOBAL.COM: org.apache.hadoop.security.authentication.util.KerberosName$NoMatchingRule: No rules applied to 25761081@PROD.GLOBAL.COM
at org.apache.hadoop.security.User.<init>(User.java:50)
at org.apache.hadoop.security.User.<init>(User.java:43)
at org.apache.hadoop.security.UserGroupInformation$HadoopLoginModule.commit(UserGroupInformation.java:197)
... 23 more
Caused by: org.apache.hadoop.security.authentication.util.KerberosName$NoMatchingRule: No rules applied to 25761081@PROD.GLOBAL.COM
at org.apache.hadoop.security.authentication.util.KerberosName.getShortName(KerberosName.java:389)
at org.apache.hadoop.security.User.<init>(User.java:48)
... 25 more
[statistics] disconnected
Job testjob ended at 18:40 16/02/2017. [exit code=1]

************************

this is windows klist 

C:\Program Files\MIT\Kerberos\bin>klist
Ticket cache: FILE:C:\temp\krb5cache
Default principal: 25761081@PROD.GLOBAL.COM

Valid starting Expires Service principal
02/16/17 18:53:18 02/17/17 04:53:18 krbtgt/PROD.GLOBAL.COM@PROD.GLOBAL.COM
renew until 02/23/17 18:53:13

**********************

this is the krb5.ini

[realms]
CDH.PROD.GLOBAL.COM = {
kdc = XXXXXXXXXXXXXX
admin_server = XXXXXXXXXXXX
}
PROD.GLOBAL.COM = {
kdc = XXXXXXXXXXXXXXX:88
admin_server = XXXXXXXXXXXX:749
default_domain = PROD.GLOBAL.COM
}

Please suggest