在Ambari组件中启用kerberos权限认证
环境:Amabri 2.5.1、HDP 2.5.3、CentOS 6.9
下载JCE并解压
JCE下载地址是:
http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html
解压到jdk security
unzip -o -j -q jce_policy-8.zip -d /usr/java/jdk1.8.0_151/jre/lib/security
在所有的节点上安装KRB5
yum install krb5-server krb5-libs krb5-auth-dialog krb5-workstation -y
修改配置文件
[logging]
default = FILE:/var/log/krb5libs.log #表示server端的日志打印位置
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = EXAMPLE.COM#默认的realm,要与配置的realm名称一致
dns_lookup_realm &#