THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
Log in
Skip to sidebar
Skip to main content
Apache Software Foundation
Spaces
Hit enter to search
Help
Online Help
Keyboard Shortcuts
Feed Builder
What’s new
What’s new
Available Gadgets
About Confluence
Log in
KNOX
Pages
Blog
Space shortcuts
UML Diagrams
Child pages
Diagrams
Linux Single Kerberos Realm with LDAP Groups
Browse pages
Configure
Space tools
A
t
tachments (0)
Page History
Resolved comments
Page Information
View in Hierarchy
View Source
Delete comments
Export to PDF
Export to Word
Copy Page Tree
Pages
Index
Diagrams
Jira links
Linux Single Kerberos Realm with LDAP Groups
Created by
Kevin Minder
, last modified on
Dec 06, 2013
Linux Single Kerberos Realm with LDAP Groups
Gateway Node
Hadoop Cluster
Corporate Network
User
(user)
Hadoop
Client
(cli)
User's
Ticket
Cache
Hadoop
Services
(eg hdfs)
Service's
Keytab
MIT
KDC
LDAP
Contains group info
Contains user &
service accounts
1
kinit(hdfs):hdfs-tgt
TGT stored in memory
2
load():password
Password loaded from Keytab
3
kinit(guest):user-tgt
4
prompt():password
5
store(user-tgt)
6
hadoop fs ls
7
load():user-tgt
8
tgsReq(user-tgt):user-hdfs-st
9
ls[user-hdfs-st](dir):files
10
verify(user-hdfs-st)
11
groupLookup(user):groups
No labels
Overview
Content Tools
Apps
{"serverDuration": 182, "requestCorrelationId": "6c3972e2039efa3c"}
