On Oracle Big Data Appliance CDH Cluster with AD Kerberos Enabled, Regenerating Credentials thru CM Fails (Doc ID 2072670.1)

Last updated on OCTOBER 11, 2016

Applies to:

Big Data Appliance Integrated Software - Version 4.2.0 and later
Linux x86-64

Symptoms

On Oracle Big Data Appliance(BDA) CDH cluster with  AD Kerberos enabled, regenerating the Kerberos credentials thru Cloudera Manager(CM) fails with below error
 

refldaps://DomainDnsZones.********/DC=*,DC=*,DC=*,DC=com,DC=*'
+ set +e
+ grep -q userPrincipalName
+ echo dn: CN=<CN name>,DC=*,DC=***,DC=com,DC=*** objectClass: top objectClass: person objectClass: organizationalPerson objectClass:
user cn: <CN name> distinguishedName: CN=<CN name>,DC=*,DC=******,DC=com,DC=** instanceType: 4 whenCreated: 20151023150805.0Z whenChanged: 20151023150805.0Z uSNCreated: 141166621 uSNChanged: 141166623
name: <CN name> objectGUID:: <object GUI>== userAccountControl: * badPwdCount: 0 codePage: 0 countryCode: 0 badPasswordTime: 0 lastLogoff: 0 lastLogon: 0 pwdLastSet: 130900864857103400 primaryGroupID: 513 objectSid:: <ObjectSid>= accountExpires: 0 logonCount: 0 sAMAccountName: <CN name> sAMAccountType: 805306368
userPrincipalName: hdfs/BDANODE.***@REALMNAME servicePrincipalName: hdfs/BDANODE.*** objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=****,DC=***,DC= com,DC=* dSCorePropagationData: 16010101000000.0Z '#' refldaps://DomainDnsZones.gm****/DC=DomainDnsZones,DC=gm,DC=****,DC=com,DC=****
+ '[' 0 -eq 0 ']'
+ echo 'hdfs//BDANODE.***@REALMNAME already exists in Active Directory. Please delete it before re-generating it from Cloudera Manager.'
+ exit 1

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms