[jira] [Commented] (AMBARI-14001) Encryption Types ineffective by default.

David Tucker (JIRA) Fri, 20 Nov 2015 11:47:41 -0800

    [ 
https://issues.apache.org/jira/browse/AMBARI-14001?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15018643#comment-15018643
 ]


David Tucker commented on AMBARI-14001:
---------------------------------------

Relevant section of the conf file (see bottom):
```
[libdefaults]
  renew_lifetime = 7d
  forwardable = true
  default_realm = {{realm}}
  ticket_lifetime = 24h
  dns_lookup_realm = false
  dns_lookup_kdc = false
  #default_tgs_enctypes = {{encryption_types}}
  #default_tkt_enctypes = {{encryption_types}}
```

> Encryption Types ineffective by default.
> ----------------------------------------
>
>                 Key: AMBARI-14001
>                 URL: https://issues.apache.org/jira/browse/AMBARI-14001
>             Project: Ambari
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 2.1.0
>         Environment: HDP 2.3, 1 master, 5 slaves
>            Reporter: David Tucker
>
> While enabling Kerberos (in the Configure Kerberos tab, on the Advanced 
> kerberos-env menu), Encryption Types may be specified. Unfortunately, this 
> setting has no effect unless the corresponding values (default_tgs_enctypes 
> and default_tkt_enctypes) are uncommented from the krb5.conf file. If you 
> forget this step, you cannot edit the conf file directly because Ambari will 
> overwrite your changes. Kerberos must be disabled in Ambari and re-enabled 
> with the appropriate key-value pairs uncommented.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (AMBARI-14001) Encryption Types ineffective by default.

Reply via email to