Hi Rakiran, FYI: we are setting kerberos.removeHostFromPrincipal=true and kerberos.removeRealmFromPrincipal=true in our configs in production. Although I am not sure if they are also affecting quorum SASL too and not only client SASL. But also, we don't use dynamic reconfig in production yet.
But I agree with Enrico, this smells like a bug. If the principals with the new hosts are properly configured in Kerberos, then the Quoum Authentication should work I think. Kind regards, Mate On Sat, May 9, 2020 at 7:24 AM rajsura <[email protected]> wrote: > Hi Enrico, > > Thanks again for your reply. > > Yes, I have this problem in both production and test environments. > > For now, after reconfig, we are rolling restart the members. It would be > great if you can loop in some users of reconfig and quorum authn/authz. > > Regards, > Rajkiran > > > > -- > Sent from: http://zookeeper-user.578899.n2.nabble.com/ >
