Github user mattyb149 commented on the issue:
https://github.com/apache/nifi/pull/3086
The krb5.conf from the TestRangerNiFiAuthorizer looks like this:
```
[libdefaults]
default_realm = EXAMPLE.COM
dns_lookup_kdc = false
dns_lookup_realm = false
[realms]
EXAMPLE.COM = {
kdc = kerberos.example.com
admin_server = kerberos.example.com
}
```
And doesn't have the setting of the `java.security.krb5.realm` or
`java.security.krb5.kdc` (I assume because they are unnecessary based on the
dns_lookup_* properties?). Might be worth a try...
---
