Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

password incorrect

Labels:
avatar
author-rank amazon20062007
Contributor

Created on ‎01-22-2017 10:06 AM - edited ‎09-16-2022 03:55 AM

After I "Enable Kerberos" I execute kinit, it reminds me to input password. But i do not set password for it.

3,222 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank jsensharma author-rank
Master Mentor

Created ‎01-22-2017 11:17 AM

@Zhao Chaofeng

Are you passing the keytab path to it?

Example:

Syntax:
kinit -kt  /PATH/TO/Keytab_file  $PRINCIPAL_NAME

Example:
kinit  -kt  /etc/security/keytabs/hdfs.headless.keytab  hdfs-ClusterDemo@EXAMPLE.COM

.

View solution in original post

2,679 Views
0 Kudos
5 REPLIES 5

avatar
author-rank jsensharma author-rank
Master Mentor

Created ‎01-22-2017 11:17 AM

@Zhao Chaofeng

Are you passing the keytab path to it?

Example:

Syntax:
kinit -kt  /PATH/TO/Keytab_file  $PRINCIPAL_NAME

Example:
kinit  -kt  /etc/security/keytabs/hdfs.headless.keytab  hdfs-ClusterDemo@EXAMPLE.COM

.

2,680 Views
0 Kudos

avatar
author-rank amazon20062007
Contributor

Created ‎01-22-2017 01:44 PM

Yes, I kinit -kt first, and then execute kadmin.local.

2,679 Views
0 Kudos

avatar
author-rank amazon20062007
Contributor

Created ‎01-23-2017 09:10 AM 

My operation is:
[root@bigdata013 centos]# kinit -kt /etc/security/keytabs/hdfs.headless.keytab hdfs-bigdata@ISTUARY.COM
[root@bigdata013 centos]# kinit hdfs-bigdata@ISTUARY.COM
Password for hdfs-bigdata@ISTUARY.COM: 
kinit: Password incorrect while getting initial credentials
2,679 Views
0 Kudos

avatar
author-rank jsensharma author-rank
Master Mentor

Created ‎01-23-2017 10:00 AM

@Zhao Chaofeng

Looks like your kinit was successful earlier when you run the command as it did not show any error. So i think the ticket was generated fine.

[root@bigdata013 centos]# kinit -kt /etc/security/keytabs/hdfs.headless.keytab hdfs-bigdata@ISTUARY.COM

After running the above command did you check the output of "klist" command to see if you got the kerberos ticket?

[root@bigdata013 centos]# klist

.

Example at my end:

# kinit  -kt  /etc/security/keytabs/hdfs.headless.keytab  hdfs-JoyCluster@EXAMPLE.COM 

# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: hdfs-JoyCluster@EXAMPLE.COM

Valid starting     Expires            Service principal
01/23/17 10:00:20  01/23/17 10:00:50  krbtgt/EXAMPLE.COM@EXAMPLE.COM
    renew until 01/23/17 10:00:20

.

2,679 Views
0 Kudos

avatar
author-rank amazon20062007
Contributor

Created ‎01-23-2017 10:10 AM

Yes, I run the command success before, but it is not right when I run the command after I install LDAP.

Thank you, I will retry a minute.

2,679 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements