Hello @prabhat10 , Try this - Backup your /etc/krb5.conf on all the hosts Verify the encryption types supported from your Kerberos server (If MIT - Check "supported_enctypes" in /var/kerberos/krb5kdc/) Check the " Kerberos Encryption Types" under CM > Administration > Security > Kerberos Credentials > Configuration. Include the encryption types supported by your KDC. Enable "Manage krb5.conf through Cloudera Manager" from the same configuration page. Select "Deploy Kerberos client configuration" from the drop-down near your cluster. Once deployed, verify if the krb5.conf on the agent nodes have the encryption types included as mentioned in CM. If CM server is running on stale kerberos configuration, copy the krb5.conf from one of the agent nodes to CM server. Regenerate the principals from CM. (If this is success, you should be able to restart CM and CDH services).
... View more
Great article! I faced the following error while trying adding data to ldap (Step 13.) # ldapadd -x -W -D "cn=Manager,dc=example,dc=com" -f /root/ldap/base.ldif Enter LDAP Password: adding new entry "dc=example,dc=com" ldap_add: Invalid syntax (21) additional info: objectClass: value #1 invalid per syntax After some research, found that we need to add the cosine and nis LDAP schemas before running the preceding command. # ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif # ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif # ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif
... View more