Cloudera Community
ldias
user rank
Explorer

No rules applied to rangerlookup@EXAMPLE.COM on RA...

by Explorer in Support Questions
‎06-28-2016 05:12 PM
‎06-28-2016 05:12 PM
I'm trying to configure the service repository for HDFS, using the user rangerlookup created on AD, but I'm getting an error on xa_portal.log 2016-06-28 17:58:48,676 [timed-executor-pool-0] ERROR apache.ranger.services.hdfs.client.HdfsResourceMgr (HdfsResourceMgr.java:48) - <== HdfsResourceMgr.testConnection Error: java.lang.IllegalArgumentException: Illegal principal name rangerlookup@EXAMPLE.COM: org.apache.hadoop.security.authentication.util.KerberosName$NoMatchingRule: No rules applied to rangerlookup@EXAMPLE.COM 2016-06-28 17:58:48,676 [timed-executor-pool-0] ERROR org.apache.ranger.services.hdfs.RangerServiceHdfs (RangerServiceHdfs.java:59) - <== RangerServiceHdfs.validateConfig Error:java.lang.IllegalArgumentException: Illegal principal name rangerlookup@EXAMPLE.COM: org.apache.hadoop.security.authentication.util.KerberosName$NoMatchingRule: No rules applied to rangerlookup@EXAMPLE.COM 2016-06-28 17:58:48,676 [timed-executor-pool-0] ERROR org.apache.ranger.biz.ServiceMgr$TimedCallable (ServiceMgr.java:434) - TimedCallable.call: Error:java.lang.IllegalArgumentException: Illegal principal name rangerlookup@EXAMPLE.COM: org.apache.hadoop.security.authentication.util.KerberosName$NoMatchingRule: No rules applied to rangerlookup@EXAMPLE.COM 2016-06-28 17:58:48,676 [http-bio-6182-exec-8] ERROR org.apache.ranger.biz.ServiceMgr (ServiceMgr.java:120) - ==> ServiceMgr.validateConfig Error:java.util.concurrent.ExecutionException: java.lang.IllegalArgumentException: Illegal principal name rangerlookup@EXAMPLE.COM: org.apache.hadoop.security.authentication.util.KerberosName$NoMatchingRule: No rules applied to rangerlookup@EXAMPLE.COM My service configuration the following: Username = rangerlookup@EXAMPLE.COM Password = ***** Namenode URL = hdfs://<clusterservicename> Authorization Enabled = Yes Authentication Type = Kerberos hadoop.security.auth_to_local = <core-site.xml auth_to_local parameter> dfs.datanode.kerberos.principal = dn/_HOST@EXAMPLE.COM dfs.namenode.kerberos.principal = nn/_HOST@EXAMPLE.COM dfs.secondary.namenode.kerberos.principal = nn/_HOST@EXAMPLE.COM RPC ProtectioN Type = Authentication Common Name for Certificate = ranger Does anyone know this error? ... View more
Labels:
Contact Me
Online
Offline
Last Visited
‎07-01-2016 06:20 PM
Community Statistics
Member Since ‎05-18-2016 04:39 PM
Last Visited ‎07-01-2016 06:20 PM
Posts 5
Kudos received 1