I have tried the following in a few different ways. Removing the kerberos-env and just using properties. I have also tried getting the kerberos-descriptor from the api and using that. I get the message "The descriptor must be a valid JSON with the required fields Kerberos configuration contains inconsistent parameters" with the below code. {
"kerberos-env":{
"properties" : {
"password_min_uppercase_letters" : "1",
"password_min_whitespace" : "0",
"password_min_punctuation" : "1",
"manage_auth_to_local" : "true",
"password_min_digits" : "1",
"set_password_expiry" : "false",
"encryption_types" : "aes des3-cbc-sha1 rc4 des-cbc-md5",
"kdc_create_attributes" : "",
"create_ambari_principal" : "true",
"password_min_lowercase_letters" : "1",
"password_length" : "20",
"case_insensitive_username_rules" : "true",
"manage_identities" : "true",
"password_chat_timeout" : "5",
"ad_create_attributes_template" : "\n{\n \"objectClass\": [\"top\", \"person\", \"organizationalPerson\", \"user\"],\n \"cn\": \"$principal_digest_256\",\n #if( $is_service )\n \"servicePrincipalName\": \"$principal_name\",\n #end\n \"userPrincipalName\": \"$normalized_principal\",\n \"unicodePwd\": \"$password\",\n \"accountExpires\": \"0\",\n \"userAccountControl\": \"66048\"\n}",
"preconfigure_services" : "DEFAULT",
"install_packages" : "true",
"ldap_url" : "ldaps://system.example.com:636",
"executable_search_paths" : "/usr/bin, /usr/kerberos/bin, /usr/sbin, /usr/lib/mit/bin, /usr/lib/mit/sbin",
"group" : "ambari-managed-principals",
"kdc_type": "active-directory"
}
}
}
... View more
