Hi ! We installed our Freeipa server. And we faced some troubles. We don't know if it's because our server was instalesl with the French locale but Ambari try to search a terme "password" that it do not get in the ipa answer : org.apache.ambari.server.serveraction.kerberos.KerberosOperationException: Unexpected response from ipa: ------------------------------------- Utilisateur « hadoop-060217 » modifié ------------------------------------- Identifiant de connexion: hadoop-060217 Prénom: hadoop-060217 Nom: hadoop-060217 Répertoire personnel: /home/hadoop-060217 Interpréteur de commande: /bin/sh Nom principal: hadoop-060217@DMZ.DOMAIN.TLD Principal alias: hadoop-060217@DMZ.DOMAIN.TLD Adresse courriel: hadoop-060217@dmz.domain.tld Mot de passe aléatoire: saT4=1BwNwjV UID: 1302800005 GID: 1302800005 Compte désactivé: False Mot de passe: True Membre des groupes: ipausers, ambari-managed-principals Clés Kerberos disponibles: True at org.apache.ambari.server.serveraction.kerberos.IPAKerberosOperationHandler.updatePassword(IPAKerberosOperationHandler.java:551) at org.apache.ambari.server.serveraction.kerberos.IPAKerberosOperationHandler.createPrincipal(IPAKerberosOperationHandler.java:337) at org.apache.ambari.server.serveraction.kerberos.CreatePrincipalsServerAction.createPrincipal(CreatePrincipalsServerAction.java:256) at org.apache.ambari.server.serveraction.kerberos.CreatePrincipalsServerAction.processIdentity(CreatePrincipalsServerAction.java:159) In the java class, IPAKerberosOperationHandler, there is some references to "password" org/apache/ambari/server/serveraction/kerberos/IPAKerberosOperationHandler.java line 548 line 562 543 try { 544 ShellCommandUtil.Result result = invokeIpa(String.format("user-mod %s --random", principal)); 545 if (!result.isSuccessful()) { 546 throw new KerberosOperationException(result.getStderr()); 547 } 548 Pattern pattern = Pattern.compile("password: (.*)"); 549 Matcher matcher = pattern.matcher(result.getStdout()); 550 if (!matcher.find()) { 551 throw new KerberosOperationException("Unexpected response from ipa: " + result.getStdout()); 552 } 553 String old_password = matcher.group(1); 554 555 String credentialsCache = String.format("FILE:%s", fileName); 556 Process process = Runtime.getRuntime().exec(new String[]{executableKinit, "-c", credentialsCache, principal}); 557 reader = new BufferedReader(new InputStreamReader(process.getInputStream(), StandardCharsets.UTF_8)); 558 stderr = new BufferedReader(new InputStreamReader(process.getInputStream(), StandardCharsets.UTF_8)); 559 out = new OutputStreamWriter(process.getOutputStream()); 560 561 String data = readData(reader, stderr); 562 if (!data.startsWith("Password")) { 563 process.destroy(); 564 throw new KerberosOperationException("Unexpected response from kinit while trying to password for " 565 + principal + " got: " + data); 566 } 567 LOG.debug("Sending old password"); Does anyone know a workaround to allow Ambari complete installation with Freeipa ? Reagrds. ... View more