@thapas, Welcome to the Cloudera Community. As this is an older post, you would have a better chance of receiving a resolution by starting a new thread. This will also be an opportunity to provide details specific to your environment that could aid others in assisting you with a more accurate answer to your question. You can link this thread as a reference in your new post. ... View more

Hi team, I want to configuration "yarn-user/hdp01-node.lab.contoso.com@LAB.CONTOSO.COM" to "yarn-user" "yarn-user/hdp02-node.lab.contoso.com@LAB.CONTOSO.COM" to "yarn-user" "yarn-user/hdp03-node.lab.contoso.com@LAB.CONTOSO.COM" to "yarn-user" Please given a rule advidor. Thanks ... View more

@rlevas what if the password has changed? what steps do we need to take as a fix? ... View more

1. Login to ambari database hosted server.   2. Take the backup of database. Replace XXXXXX with correct pasword nohup mysqldump -u root -pXXXXXX --databases ambari >/ambari.sql & 3. Login to mysql with root or ambari account and remove hive keytabs. delete from kerberos_principal_host where principal_name like '%hive%'; delete from kerberos_principal where principal_name like '%hive%'; 4. Restart Ambari server. 5. Regenerate the keytabs with valid   account 6. Start the Node manager.   Note: its not only for Hive.. we can remove based on error. as caches in ambari database prevents to regenerate again  ... View more

thank you so much. I encountered same problem,but it solved after read your solution. I also changed the default config in Ambari to only 2 encryption types and hashed out the default ticket encryptions as well, then error went away. ... View more

@mRabramS Can you share how you reconfigure the KDC ?  @VidyaSargur I’m really sorry , I opened a new thread but there’s no response    BR, ... View more

Hi,  You must deploy the jce policy on every cluster nodes if you are using built-in openjdk. Please follow the steps. [root@hostname]# locate local_policy.jar [root@hostname]# wget --no-check-certificate --no-cookies --header "Cookie: oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jce/8/jce_policy-8.zip" [root@hostname]# unzip -o -j -q jce_policy-8.zip -d /usr/jdk64/jdk1.8.0_112/jre/lib/security/ [root@hostname]# ambari-server rstart   Now test the connection. Hopes it will resolves the issue.   ... View more

There are properties that are set under both - service level configurations and under Admin -- Kerberos configurations, such as yarn.admin.acl  What if the two properties point to different values, which properties does the service pick when required?  ... View more

Sorry for the bump. I tried this in the HDP Sandbox and discovered that installing krb5-workstation-1.15.1-37.el7_7.2.x86_64.rpm solved the problem ... View more

How did you find that some process is destroying the ticket? I am also facing same issue. ... View more