Cloudera Community
mamir2005
user rank
Explorer

Re: Install and Test Kerberos Client

by Explorer in Support Questions
‎03-16-2019 05:18 PM
‎03-16-2019 05:18 PM
Thank you all for your help. ... View more

Re: Install and Test Kerberos Client

by Explorer in Support Questions
‎11-09-2018 05:45 AM
‎11-09-2018 05:45 AM
Thanks Jay Kumar SenSharma for your comments, I have followed more or less the same steps are you provided but still gets ldap connection error. I have pasted my steps below, hope to get feedback [ambari@hadoop /]$ sudo keytool -import -file /etc/pki/ca-trust/source/anchors/activedirectory.cer -alias adcert -keystore /var/lib/ambari-server/keys/cacerts.jks Enter keystore password: [ambari@hadoop /]$ sudo ambari-server stop Using python /usr/bin/python Stopping ambari-server Waiting for server stop... Ambari Server stopped [ambari@hadoop /]$ sudo ambari-server setup-security Using python /usr/bin/python Security setup options... =========================================================================== Choose one of the following options: [1] Enable HTTPS for Ambari server. [2] Encrypt passwords stored in ambari.properties file. [3] Setup Ambari kerberos JAAS configuration. [4] Setup truststore. [5] Import certificate to truststore. =========================================================================== Enter choice, (1-5): 4 Do you want to configure a truststore [y/n] (y)? y The truststore is already configured. Do you want to re-configure the truststore [y/n] (y)? y TrustStore type [jks/jceks/pkcs12] (jks): jks Path to TrustStore file :/var/lib/ambari-server/keys/cacerts.jks Password for TrustStore: Re-enter password: Ambari Server 'setup-security' completed successfully. [ambari@hadoop /]$ sudo ambari-server setup-security Using python /usr/bin/python Security setup options... =========================================================================== Choose one of the following options: [1] Enable HTTPS for Ambari server. [2] Encrypt passwords stored in ambari.properties file. [3] Setup Ambari kerberos JAAS configuration. [4] Setup truststore. [5] Import certificate to truststore. =========================================================================== Enter choice, (1-5): 5 Do you want to configure a truststore [y/n] (y)? y Do you want to import a certificate [y/n] (y)? y Please enter an alias for the certificate: adcert Enter path to certificate: /etc/pki/ca-trust/source/anchors/activedirectory.cer Ambari Server 'setup-security' completed successfully. [ambari@hadoop /]$ sudo ambari-server start ... View more

Install and Test Kerberos Client

by Explorer in Support Questions
‎11-08-2018 01:06 AM
‎11-08-2018 01:06 AM
When configuring Kerberos authentication with Microsoft Active Directory on HDP 2.6, the configuration successfully Installs Kerberos client but fails on Test Kerberos Client with below error. 400 status codereceived on POST method for API: /api/v1/clusters/ClusterName/requests Error message: Failed to connect to KDC - Failed to communicate with the Active Directory at ldaps://10.10.1.13:636: 10.10Z.1.13:636 Make sure the server's SSL certificate or CA certificates have been imported into Ambari's truststore. Ambari is running on non-root account with all the required permission is granted on sudoer. I appreciate if anyone can help as I am exhausted with this troubleshooting. FYI, AD authentication is configured successfully on the cluster. ... View more
Contact Me
Online
Offline
Last Visited
‎08-10-2019 01:15 PM
Community Statistics
Member Since ‎11-07-2018 10:51 PM
Last Visited ‎08-10-2019 01:15 PM
Posts 4