[AMBARI-24522] Cannot connect to MIT KDC admin server when port is specified in kerberos-env/admin_server_host - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Critical
Resolution: Fixed
Affects Version/s: 2.7.0
Fix Version/s: 2.7.3
Component/s: ambari-server
Labels:

Description

Cannot connect to MIT KDC admin server when port is specified in kerberos-env/admin_server_host. The following error is seen when validating the KDC admin credentials:

kinit: Server not found in Kerberos database while getting initial credentials

The reason for this is due to how the credentials are created for accessing the MIT KDC administration server.

kinit -c <path> -S kadmin/<kerberos-env/admin_server_host>  <principal>

If a port was added to the kerberos-env/admin_server_host value then the server principal will be generated like kadmin/kdc.example.com:4749 rather than kadmin/kdc.example.com. Therefore the server principal is not found.

Attachments

Issue Links

links to

GitHub Pull Request #2147

GitHub Pull Request #2148

Activity

People

Assignee:: Robert Levas

Reporter:: Robert Levas

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 21/Aug/18 18:14

Updated:: 22/Oct/18 21:00

Resolved:: 30/Aug/18 20:20

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

2h 10m