[
https://issues.apache.org/jira/browse/AMBARI-10493?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Hari Sekhon updated AMBARI-10493:
---------------------------------
Environment: HDP 2.2.0 (was: HDP 2.2)
> Ambari 2.0 doesn't recognize Kerberos on existing cluster
> ---------------------------------------------------------
>
> Key: AMBARI-10493
> URL: https://issues.apache.org/jira/browse/AMBARI-10493
> Project: Ambari
> Issue Type: Bug
> Components: ambari-server, security
> Affects Versions: 2.0.0
> Environment: HDP 2.2.0
> Reporter: Hari Sekhon
>
> After upgrading to Ambari 2.0 (from 1.7) it wants to manage Kerberos but it
> doesn't seem to have the capability to just use the existing keytabs as we
> have historically done - it wants to redeploy them from an MIT KDC, which
> would obviously mess up my already deployed cluster which is running on
> FreeIPA (which includes an MIT KDC in each IPA server but isn't supported to
> be managed via kadmin interface).
> There doesn't seem to be an obvious way of getting Ambari to re-enable or
> recognize that kerberos is deployed and the services are kerberized. The
> current configurations do seem to still be intact with the kerberos config
> settings but Ambari does not recognize that Kerberos is deployed and I'm
> concerned this is going to eventually mess up my existing cluster or deploy
> new services without Kerberos.
> Hari Sekhon
> http://www.linkedin.com/in/harisekhon
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
