@raouia Please can you check this link Configuring Kerberos Authentication for Hue ... View more

@raouia To validate the hue kerberos ticket as hue user run.What the output of the below statement? $ klist Forcefully expire the ticket $kdestroy As hue user grab a Kerberos ticket $ kinit -k -t /etc/security/keytabs/hue.service.keytab hue/$FQDN@REALM Validate by running $klist Retry the earlier steps ... View more

@Kaliyug Antagonist Did you have a look at this document ... View more

@Larry Wilson Could this be the link you are looking for ? ... View more

@Larry Wilson There is a solution for exactly the same issue already posted in HCC have a look at this link https://community.hortonworks.com/questions/122795/sandbox-cannot-open-a-hive-connection-with-connect.html# That should help ... View more

@Larry Wilson FYI mine is a single node HDP 2.6 kerberized cluster not a sandbox Can you upload or what the error in /var/log/hive/hiveserver2.log ... View more

@Larry Wilson I have a 2.6 single node kerberized cluster but I would think the setup should be the same. Could you attach here the screenshot of the File view config in the Manage Ambari UI ... View more

@suraj l Policy name error I noted that you have a policy name proxy instead of /proxy see attached screenshot NiFi supports user authentication via client certificates, via username/password, or via Apache Knox., Username/password authentication is performed by a Login Identity Provider which is a pluggable mechanism for authenticating users via their username/password it is configured in the nifi.properties file options are LDAP and Kerberos. The nifi.login.identity.provider.configuration.file=/usr/hdf/current/nifi/conf/login-identity-providers.xml property specifies the configuration file for Login Identity Providers. The nifi.security.user.login.identity.provider = property indicates which of the configured Login Identity Provider should be used. By default, this property is not configured meaning that username/password must be explicitly enabled. Anonymous users Can you edit /etc/nifi/3.0.1.1-5/0/authorizers.xml change the below property from default true to false <property name="Allow Anonymous">true</property> Please test and revert ... View more

@suraj l You are right those files ain't in the /usr/hdf/current/nifi/conf no need to generate them because they are encapsulated in the authorizers.xml <authorizer> <identifier>ranger-provider</identifier> <class>org.apache.nifi.authorization.FileAuthorizer</class> <property name="Authorizations File">/var/lib/nifi/conf/authorizations.xml</property> <property name="Users File">/var/lib/nifi/conf/users.xml</property> <property name="Initial Admin Identity"></property> <property name="Legacy Authorized Users File"></property> So you should check the values in those files in /var/lib/nifi/conf ... View more