Enabling Kerberos Authentication for Hadoop in Applications Manager
To use keyTab file for Kerberos authentication
i) Create a keyTab file in Hadoop installed machine using the steps mentioned below.
ii) Copy the created keyTab file to Applications Manager machine. (Preferably to this location: <AppManager_Home>/working/conf/KerberosConfigurations/KeyTabs/)
How to create keytab file?
Use the below command to create keytab file.
Format : ktpass -princ servicename/domainname@REALM-NAME.COM -mapuser accountname -pass accountpass -crypto AES256-SHA1 -ptype KRB5_NT_PRINCIPAL -out C:\Users\Administrator\Documents\hadoop-3.3.6\apm_kerberos_1.keytab
kinit -k -t C:\Users\administrator.APMKERBEROS\Documents\Hadoop-3.3.6\hadoop-3.3.6\apm_kerberos_1.keytab <SPN name of Hadoop>
For any issues while adding Kerberos Enabled Hadoop, check the below case.
Run the below command on the Hadoop installed machine by replacing the domain name and the Hadoop Server FQDN
setspn -T <Domain_Name> -F -Q hdfs/<Hadoop_Server_FQDN>*
<Domain_Name> is replaced with the domain name of your environment.
<Hadoop_Server_FQDN> is replaced with the FQDN of Hadoop running server.
Expected Output : This should list the SPN names.
New to ADSelfService Plus?
Related Articles
Enabling Kerberos Authentication for SQL Server in Applications Manager
I. How to implement Kerberos Authentication for Applications Manager's MS SQL Back-End Database? 1. Stop Applications Manager service. Open Applications Manager's home directory in the command prompt and run the below commands one by one: For Windows ...Using Kerberos Authentication with ManageEngine Applications Manager for Windows Monitoring
What is Kerberos? Kerberos is a secure authentication protocol used in Active Directory (AD) domains. It uses encrypted "tickets" instead of passwords to allow ManageEngine Applications Manager to connect to a target server securely. When a server is ...Authentication Methods in Applications Manager
Authentication involves validating an incoming user to facilitate the access to a specific resource. There are various authentication methods that you can use - based on the requirements and usage. In recent times, numerous organizations are ...Enabling gMSA Account Authentication for SQL Server In Applications Manager
Using a gMSA Account for Applications Manager's SQL Server Backend Important prerequisites before starting the installation: A gMSA account can only be used when Applications Manager is running as a service on Windows platform. To use gMSA account ...How to enable Kerberos Authentication for Applications Manager's MS SQL backend database?
Follow the steps given below to enable Kerberos authentication for MS SQL backend database: 1. Stop Applications Manager service. Open Applications Manager Home directory in command prompt and run the below commands one by one. For ...