Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

using Kadmin for connectiong to AD KDC

Labels:
avatar
author-rank gvishal
Contributor

Created on ‎06-27-2017 12:20 PM - edited ‎09-16-2022 04:50 AM

Have anyone tried kadmin (connecting to AD KDC) after kerberising the hadoop cluster using Ambari?

I am using the same credentials and it is saying “Required KADM5 principal missing while initializing kadmin interface”. What is the recommended best way to AD KDC connection? Thanks for help

12,086 Views
1 ACCEPTED SOLUTION

avatar
author-rank rlevas
Guru

Created ‎06-27-2017 02:19 PM

@Vishal Gupta

You cannot use the MIT Kerberos package's kadmin tool to manage an Active Directory - you need to use Active Directory-specific tools, or for creating accounts, a tool that can communicate to the AD using LDAP.

For an LDAP approach, see this article posted by @dvillarreal: How to create AD principal accounts using OpenLdap utilities and adding it to a keytab.

View solution in original post

9,475 Views
3 REPLIES 3

avatar
author-rank ibhatt
Rising Star

Created ‎06-27-2017 12:35 PM

@Vishal Gupta You might not have added principals for kadmin/fqdn@DOMAIN as well as the legacy fallback kadmin/admin@DOMAIN. You can add them using kadmin.local

https://web.mit.edu/kerberos/krb5-1.13/doc/admin/admin_commands/kadmin_local.html

9,475 Views
0 Kudos

avatar
author-rank rlevas
Guru

Created ‎06-27-2017 02:19 PM

@Vishal Gupta

You cannot use the MIT Kerberos package's kadmin tool to manage an Active Directory - you need to use Active Directory-specific tools, or for creating accounts, a tool that can communicate to the AD using LDAP.

For an LDAP approach, see this article posted by @dvillarreal: How to create AD principal accounts using OpenLdap utilities and adding it to a keytab.

9,476 Views

avatar
author-rank gvishal
Contributor

Created ‎06-27-2017 11:39 PM

Thanks Robert and bhatt. This is helpful

9,475 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements