ambari-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Balázs Bence Sári (JIRA) <j...@apache.org>
Subject [jira] [Updated] (AMBARI-20586) Add (optional) master_kdcs to kerberos-env and generated krb5.conf file
Date Thu, 30 Mar 2017 19:08:41 GMT

     [ https://issues.apache.org/jira/browse/AMBARI-20586?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Balázs Bence Sári updated AMBARI-20586:
---------------------------------------
    Attachment: AMBARI-20586-Master-kdc_trunk_v4.patch

> Add (optional) master_kdcs to kerberos-env and generated krb5.conf file
> -----------------------------------------------------------------------
>
>                 Key: AMBARI-20586
>                 URL: https://issues.apache.org/jira/browse/AMBARI-20586
>             Project: Ambari
>          Issue Type: Bug
>            Reporter: Balázs Bence Sári
>            Assignee: Balázs Bence Sári
>             Fix For: 3.0.0, 2.5.1
>
>         Attachments: AMBARI-20586-Master-kdc_trunk_v4.patch
>
>
> Add (optional) {{master_kdcs}} to {{kerberos-env}} and generated krb5.conf file. If {{kerberos-env/master_kdcs}}
is not empty, it should contain a list of IP addresses or FQDNs for one or more KDCs. Multiple
entries should be comma-delimited.
> According to https://web.mit.edu/kerberos/krb5-1.12/doc/admin/conf_files/krb5_conf.html:
> {quote} 
> master_kdc
> Identifies the master KDC(s). Currently, this tag is used in only one case: If an attempt
to get credentials fails because of an invalid password, the client software will attempt
to contact the master KDC, in case the user’s password has just been changed, and the updated
database has not been propagated to the slave servers yet.
> {quote}
> This should help with scenarios where multiple KDCs are in a master/slave (or replicated)
configuration. 



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message