Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Check out our newest addition to the community, the Cloudera Data Analytics (CDA) group hub.
Solved Go to solution

use keytab for ambari rest api

Labels:
itsssudheer
Contributor

Created ‎08-09-2018 03:40 PM

I am trying to sync group to ambari server using keytab through curl command.

I am using below command:

curl -i -k --negotiate -u : -H 'X-Requested-By: ambari' -X POST -d '[{"Event": {"specs":[{"principal_type":"groups","sync_type":"specific","names": "group_name"}]}}]' https://<host>:8442/api/v1/ldap_sync_events

Error:

HTTP/1.1 403 Missing authentication token Strict-Transport-Security: max-age=31536000 X-Frame-Options: DENY X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Pragma: no-cache Content-Type: text/plain;charset=ISO-8859-1 Content-Length: 64
1,595 Views
0 Kudos
1 ACCEPTED SOLUTION

rlevas
Guru

Created ‎08-09-2018 04:09 PM

@Sudheer Velagapudi

What version of Ambari are you using and did you turn on the Kerberos authentication feature of Ambari?

Have you looked at the Ambari server log (/var/log/ambari-server/ambari-server.log) to see if there is anything interesting (and related) in there?

Did you successfully kinit using a principal from a trusted KDC before issuing the curl command?

View solution in original post

1,331 Views
0 Kudos
2 REPLIES 2

rlevas
Guru

Created ‎08-09-2018 04:09 PM

@Sudheer Velagapudi

What version of Ambari are you using and did you turn on the Kerberos authentication feature of Ambari?

Have you looked at the Ambari server log (/var/log/ambari-server/ambari-server.log) to see if there is anything interesting (and related) in there?

Did you successfully kinit using a principal from a trusted KDC before issuing the curl command?

1,332 Views
0 Kudos

itsssudheer
Contributor

Created ‎08-09-2018 04:57 PM

Enabling kerberos authentication for the ambari resolved the issue.

Thank you @Robert Levas

1,331 Views
0 Kudos
Take a Tour of the Community
Don't have an account?
Register
Your experience may be limited. Sign in to explore more.
Announcements
Product Announcements
CDP Public Cloud: May 2023 Release Summary
What's New @ Cloudera
Cloudera Operational Database (COD) provides enhancements to the --scale-type CDP CLI option
What's New @ Cloudera
Cloudera Operational Database (COD) UI supports creating a smaller cluster using a predefined Data Lake template
What's New @ Cloudera
Cloudera Operational Database (COD) supports scaling up the clusters vertically
Product Announcements
CDP Public Cloud: April 2023 Release Summary
View More Announcements