when i execute the below api from windows 2016, it failing. But same success from linux. Any idea how to resolve this?   C:\Users\atnadmin>D:\CDC\curl\curl -v -i --negotiate -u : "http://xxxx:50070/webhdfs/v1/?op=GETFILESTATUS" * Trying 10.163.33.97... * TCP_NODELAY set * Connected toxxxx (xx.xx.xx.xx) port 50070 (#0) > GET /webhdfs/v1/?op=GETFILESTATUS HTTP/1.1 > Host: xxxx:50070 > User-Agent: curl/7.54.1 > Accept: */* > < HTTP/1.1 401 Authentication required HTTP/1.1 401 Authentication required < Date: Mon, 02 Aug 2021 08:36:03 GMT Date: Mon, 02 Aug 2021 08:36:03 GMT < Date: Mon, 02 Aug 2021 08:36:03 GMT Date: Mon, 02 Aug 2021 08:36:03 GMT < Pragma: no-cache Pragma: no-cache < X-FRAME-OPTIONS: SAMEORIGIN X-FRAME-OPTIONS: SAMEORIGIN < WWW-Authenticate: Negotiate WWW-Authenticate: Negotiate < Set-Cookie: hadoop.auth=; Path=/; HttpOnly Set-Cookie: hadoop.auth=; Path=/; HttpOnly < Cache-Control: must-revalidate,no-cache,no-store Cache-Control: must-revalidate,no-cache,no-store < Content-Type: text/html;charset=iso-8859-1 Content-Type: text/html;charset=iso-8859-1 < Content-Length: 271 Content-Length: 271 < * Ignoring the response-body * Connection #0 to host xxxx left intact * Issue another request to this URL: 'http://xxxx:50070/webhdfs/v1/?op=GETFILESTATUS' * Found bundle for host slbdpapgr0b.ge.net: 0x224afe49300 [can pipeline] * Re-using existing connection! (#0) with host xxxx * Connected to xxxx (xx.xx.xx.xx) port 50070 (#0) * Server auth using Negotiate with user '' > GET /webhdfs/v1/?op=GETFILESTATUS HTTP/1.1 > Host: slbdpapgr0b.ge.net:50070 > Authorization: Negotiate TlRMTVNTUAABAAAAt4II4gAAAAAAAAAAAAAAAAAAAAAKADk4AAAADw== > User-Agent: curl/7.54.1 > Accept: */* > < HTTP/1.1 403 java.lang.IllegalArgumentException HTTP/1.1 403 java.lang.IllegalArgumentException < Date: Mon, 02 Aug 2021 08:36:03 GMT Date: Mon, 02 Aug 2021 08:36:03 GMT < Date: Mon, 02 Aug 2021 08:36:03 GMT Date: Mon, 02 Aug 2021 08:36:03 GMT < Pragma: no-cache Pragma: no-cache < X-FRAME-OPTIONS: SAMEORIGIN X-FRAME-OPTIONS: SAMEORIGIN < Set-Cookie: hadoop.auth=; Path=/; HttpOnly Set-Cookie: hadoop.auth=; Path=/; HttpOnly < Cache-Control: must-revalidate,no-cache,no-store Cache-Control: must-revalidate,no-cache,no-store < Content-Type: text/html;charset=iso-8859-1 Content-Type: text/html;charset=iso-8859-1 < Content-Length: 293 Content-Length: 293 < <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/> <title>Error 403 java.lang.IllegalArgumentException</title> </head> <body><h2>HTTP ERROR 403</h2> <p>Problem accessing /webhdfs/v1/. Reason: <pre> java.lang.IllegalArgumentException</pre></p> </body> </html> * Closing connection 0 C:\Users\atnadmin>   Thanks Kamal ... View more

After follow the exact steps which mentioned in this blog, I got below exception in ranger kms log and distcp job was failed.   org.apache.hadoop.security.authentication.util.KerberosName$NoMatchingRule: No rules applied to hdfs-dev_cluster@BDPDEV.GE.NET   Added the same rules in advanced kms-site config under hadoop.kms.authentication.kerberos.name.rules property which we added in advanced hdfs core-site config.  Now I am able to run the distcp job successfully. ... View more