On BDA V4.2 Disabling AD Kerberos Fails if the Backing AD Server is Down

(Doc ID 2053190.1)

Last updated on SEPTEMBER 08, 2015

Applies to:

Big Data Appliance Integrated Software - Version 4.2.0 and later
Linux x86-64


On BDA V4.2 disabling AD Kerberos using Instructions to Enable/Disable AD Kerberos on Oracle Big Data Appliance with Mammoth V4.2 Release (Doc ID 2029378.1) fails if the AD server is down.

Symptoms include:

1. 'bdacli disable ad_kerberos' fails with an error like:

INFO: Removing Kerberos for Hadoop services. This will take some time ...
ERROR: Puppet agent run on node bdanode01 had errors. List of errors follows      
INFO: Also check the log file in /opt/oracle/BDAMammoth/bdaconfig/tmp/pagent-bdanode01-20150826221731.log
ERROR: Kerberos removal ran into issues. Exiting.
INFO: Running bdadiagcluster...

2. pagent-bdanode01-20150826221731.log shows a timeout exceeded like:

Aug 26 22:22:38 bdanode01 puppet-master[18363]: (//bdanode01.example.org//Stage[main]/Hadoop::Disablekerberos/Exec[disable_kerberos]/returns) change from notrun to 0 failed: Command exceeded timeout

3.  The /bdaconfig/tmp/disablekerberos_1440641528.out file shows output like:

Succeeded. Output in : /opt/oracle/BDAMammoth/bdaconfig/tmp/cm_commands.out
API Version used is v10
Succeeded. Output in : /opt/oracle/BDAMammoth/bdaconfig/tmp/cm_kerberosPrincipals_1440641858.out
item: impala/bdanode04.example.com@EXAMPLE.COM
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
item: hbase/bdanode02.example.com@EXAMPLE.COM
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
item: flume/bdanode06.example.com@EXAMPLE.COM
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)



Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms