Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

rules for creating password in hadoop. Are their ,rules for creating password in hadoop.

Labels:
avatar
author-rank himanshi_gidwan
New Contributor

Created ‎05-03-2017 06:30 AM

Are their any rules or limitations while creating password in hadoop cluster. If yes, is their any documentation available for the same.

3,508 Views
0 Kudos
0
1 ACCEPTED SOLUTION

avatar
author-rank rguruvannagari author-rank
Super Collaborator

Created ‎05-03-2017 07:14 AM

@Himanshi Gidwani

Could you please clarify on what passwords you are referring here? We dont have any password authentication for hadoop(HDFS/YARN/MR). What ever user authenticated on client host(where executing hdfs command) will be the user accessing hadoop services. (Using kerberos is regular practise to configure authentication on hadoop)

View solution in original post

3,097 Views
0 Kudos
0
6 REPLIES 6

avatar
author-rank rguruvannagari author-rank
Super Collaborator

Created ‎05-03-2017 07:14 AM

@Himanshi Gidwani

Could you please clarify on what passwords you are referring here? We dont have any password authentication for hadoop(HDFS/YARN/MR). What ever user authenticated on client host(where executing hdfs command) will be the user accessing hadoop services. (Using kerberos is regular practise to configure authentication on hadoop)

3,098 Views
0 Kudos
0

avatar
author-rank himanshi_gidwan
New Contributor

Created ‎05-03-2017 07:23 AM

@rguruvannagari

I want to create on a kerberos hadoop cluster. Do we have rules for that?

like not adding a paranthesis or something?

3,097 Views
0 Kudos

avatar
author-rank rguruvannagari author-rank
Super Collaborator

Created ‎05-03-2017 08:06 AM

@Himanshi Gidwani

hadoop doesnt enforce any rules, if using AD for kerberos, usually password policies are set in AD. No such requirement from hadoop end. We just need a principal created in AD/KDC. Only recommendation is to set "password never expire" for the service account created in AD.

3,097 Views
0 Kudos

avatar
author-rank himanshi_gidwan
New Contributor

Created ‎05-03-2017 08:20 AM

@rguruvannagari

thanks

3,097 Views
0 Kudos

avatar
author-rank christian_w_m_d
New Contributor

Created ‎07-12-2018 11:06 AM

@Himanshi Gidwani

The only limitation i ran into so far was the password of my LDAP Manager / Bind user within Apache Ranger UserSync.

I got the following error message after I applied the correct AD Settings to UserSync:

resource_management.core.exceptions.Fail:
LDAP/AD bind password contains one of the unsupported special characters like
" ' \ `
3,097 Views
0 Kudos

avatar
author-rank Jimmi_Omaha
New Contributor

Created ‎11-21-2019 06:41 AM

I'm having a similar issue with the YARN clients in my cluster. When the password is set in Ambari and it has a special character of ">" the YARN Client interprets it as "&gt". 
Example:
Set passwd -  ba(PxO463$bd;>
Passwd in the yarn core-site.xml
lx963:/usr/hdp/2.6.5.0-292/hadoop-yarn/etc/hadoop #grep PxO463$bd core-site.xml
<value>ba(PxO463$bd;&gt;</value>
<value>ba(PxO463$bd;&gt;</value>

Is there a workaround or fix for this?

James Yarnell
2,958 Views
0 Kudos
Announcements
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
What's New @ Cloudera
[RELEASED] Cloudera Streams Messaging - Kubernetes Operator ...
Community Announcements
February 2025 Community Highlights
What's New @ Cloudera
3 Benefits of External IDE Connectivity, Now Available in Cl...
What's New @ Cloudera
Performance comparison of Spark3 on YARN with S3 Standard VS...
View More Announcements