Modify
/etc/krb5.conf and change the realm name and extensions.
Modify
/var/kerberos/krb5kdc/kdc.conf and change the realm name to match your own.
If your KDC is a VM, recreate
/dev/random (otherwise your next step of creating the KDC database will take a very long time).
Remove using:
# rm -rf /dev/random
Recreate using:
# mknod /dev/random c 1 9
Create the KDC database.
# kdb5_util create -s
NOTE: If you made a mistake with the initial principals. For example, you ran "kdb5_util create -s" incorrectly, you might need to delete these principals explicitly in the
/var/kerberos/krb5kdc/
directory.
Modify
kadm5.acl to specify users that have admin permission.
*/admin@DET.EMC.COM *
Modify
/var/kerberos/krb5kdc/kdc.conf and take out any encryption type except
des-cbc-crc:normal. Also modify the realm name.
Ensure that iptables and selinux are off on all nodes (KDC server as well as Hadoop nodes).
Start KDC services and create a local admin principal.
kadmin.local
# service krb5kdc start
# service kadmin start
# /usr/kerberos/sbin/kadmin.local-q "addprinc root/admin"
# kinit root/admin
Copy the
krb5.conf file to all Hadoop nodes.
Any time you make a modification to any of the configuration files restart the below services and copy the
krb5.conf file over to relevant Hadoop host and ECS nodes.
Restart the services.
service krb5kdc restart
service kadmin restart
Alternatively, use vendor documentation to set up a Kerberos KDC.
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\