10-19-2020 05:00 AM
Try the below. Sometimes the Ambari cluster environment variable security_enabled might still hold the value true, and hence all services expect keytabs. To validate the value of the environment variable:

    /var/lib/ambari-server/resources/scripts/configs.py -a get -l <ambari-server host> -t 8080 -n <cluster-name> -u <admin-user> -p <admin-password> -c cluster-env | grep security

    "security_enabled": "true",
    "smokeuser_keytab": "/etc/security/keytabs/smokeuser.headless.keytab"

    /var/lib/ambari-server/resources/scripts/configs.py -a set -k security_enabled -v false -l <ambari-server host> -t 8080 -n <cluster name> -u <admin user> -p <admin password> -c cluster-env

Try setting that variable to false.
12-19-2019 11:43 PM
To get the actual root cause, please check the hiveserver2.log from the node where hiveserver2 is running. In our case, the respective user did not have access to the default queue, and we made the user explicitly set tez.queue.name before executing the query in Zeppelin, and the issue is resolved now.
08-29-2019 10:04 PM
1 Kudo
Hi @raobelina_toky_ Is this setup done? Else please try out the below steps.

Step 1: In rolesByGroup please specify only the group's cn and not the full. Change "cn=Group-admin,dc=domain,dc=company": to Group-admin:admin_role

Step 2: Validate your group search base path ldapRealm.groupSearchBase, group object class name and memberAttribute. For instance if your

    ldapRealm.groupSearchBase = dc=domain, dc=company
    ldapRealm.groupObjectClass = posixGroup
    ldapRealm.memberAttribute = member

As per the source code, it pulls the group's cn based on these values. Also comment out the below if there is no group inside groups.

    # Enable support for nested groups using the LDAP_MATCHING_RULE_IN_CHAIN operator
    #ldapRealm.groupSearchEnableMatchingRuleInChain = true

To cross-verify your settings, try using ldapsearch; this comes as part of the ldap-utils package. Replace the values in <> and try the search.

    ldapsearch -h <ldapHost> -p <ldapport> -D <ldapRealm.contextFactory.systemUsername> -w <bind user password> -b <groupSearchBase> -s sub "(objectclass=<groupObjectClass>)"
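A small check for the two steps in the post above, added here as an example and not part of the original post or of Zeppelin: it reads the ldapRealm.* lines of a shiro.ini fragment, reports missing group-search settings, and flags rolesByGroup keys written as full DNs. The sample fragment and the function names are constructed for illustration.

```python
import re

# Constructed sample of a Zeppelin shiro.ini fragment (not from a real cluster).
SAMPLE_SHIRO_INI = '''
ldapRealm.groupSearchBase = dc=domain,dc=company
ldapRealm.groupObjectClass = posixGroup
#ldapRealm.groupSearchEnableMatchingRuleInChain = true
ldapRealm.rolesByGroup = "cn=Group-admin,dc=domain,dc=company": admin_role, Group-user: user_role
'''

# Settings the post says the group lookup depends on.
REQUIRED = ("groupSearchBase", "groupObjectClass", "memberAttribute")
# One "group: role" pair; the group may be quoted and, if it is a DN, contain commas.
PAIR = re.compile(r'(?:"([^"]+)"|([^":]+?))\s*:\s*([\w-]+)\s*(?:,|$)')


def read_ldap_realm(text):
    """Return uncommented ldapRealm.* settings as a dict keyed by the short name."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("ldapRealm.") and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()[len("ldapRealm."):]] = value.strip()
    return settings


def check_group_mapping(text):
    """List problems that can stop LDAP groups from resolving to roles."""
    settings = read_ldap_realm(text)
    problems = [f"ldapRealm.{name} is not set" for name in REQUIRED if name not in settings]
    for match in PAIR.finditer(settings.get("rolesByGroup", "")):
        group = (match.group(1) or match.group(2)).strip()
        if "=" in group:  # written as a DN; the post says to give only the group's cn
            first_rdn = group.split(",", 1)[0]
            cn = first_rdn.split("=", 1)[1]
            problems.append(f"rolesByGroup key '{group}' is a DN; use '{cn}:{match.group(3)}'")
    return problems


if __name__ == "__main__":
    for problem in check_group_mapping(SAMPLE_SHIRO_INI):
        print(problem)
```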