Fay… Just as when you enabled Kerberos via the API and you needed to add the KERBEROS service and KERBEROS_CLIENT component… when you disable Kerberos, you also need to manually remove the KERBEROS_CLIENT component and KERBEROS service. The Ambari UI does this as part of the Enabled/Disable Kerberos wizard.
Rob From: Fay Wang <[email protected]<mailto:[email protected]>> Reply-To: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>>, Fay Wang <[email protected]<mailto:[email protected]>> Date: Monday, February 15, 2016 at 4:14 PM To: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> Subject: Disable kerberbos using REST API Hi, I am using the following REST API to disable kerberos: curl -k -H 'X-Requested-By:ambari' -u admin:admin -i -X PUT -d @kerberos_disable.json http://localhost:8081/api/v1/clusters/MyCluster Here is the content of kerberos_disable.json : { "session_attributes" : { "kerberos_admin" : { "principal" : "[email protected]<mailto:[email protected]>", "password" : "P@ssw0rd" } }, "Clusters": { "security_type" : "NONE" } } After this REST API: (1) kerberos principals are removed (2) keytab files are removed. (3) In Ambari UI, "Enable Kerberos" is enabled. However, in the Ambari UI, I still see "Kerberos" as a service in the dashboard. Please note that if I disable kerberos via Ambari UI (instead of using REST API). I will not see "Kerberos" as a service in the dashboard. Please let me know if I miss anything in the disable-kerberos REST API. Thanks, -fay
