kadmin.local //以超管身份进入kadmin
kadmin模式下:
addprinc -randkey ambari-server@EXAMPLE.COM //生成随机key的principal
addprinc admin/admin //生成指定key的principal
listprincs //查看principal
change_password -pw xxxx admin/admin //修改admin/admin的密码
delete_principal admin/admin //删除principal
kinit admin/admin //验证principal是否可用
xst -k ambari.server.keytab ambari-server@EXAMPLE.COM//为principal生成keytab,可同时添加多个
ktadd -k /etc/security/keytabs ambari-server@EXAMPLE.COM //ktadd也可生成keytab
kinit -kt /etc/security/keytabs ambari-server@EXAMPLE.COM //测试keytab是否可用
klist -ket /etc/security/keytabs//查看keytab