My Oracle Support Banner

Enabling AD Kerberos After Uninstalling MIT Kerberos Fails on BDA V4.7 and Lower with "ERROR: Error validating the provided Active Directory Certificate check" (Doc ID 2226138.1)

Last updated on JANUARY 09, 2018

Applies to:

Big Data Appliance Integrated Software - Version 4.2.0 to 4.7.0 [Release 4.2 to 4.7]
Linux x86-64


Trying to enable AD Kerberos with "bdacli enable ad_kerberos" after uninstalling MIT Kerberos with "bdacli disable kerberos" fails with:

SUCCESS: Successfully copy Active Directory CA to all nodes
ERROR: Error validating the provided Active Directory Certificate check
details in
/opt/oracle/BDAMammoth/bdaconfig/tmp/validateADSecureCertificate.out and
ERROR: Unable to locate file in STEP -1
INFO: Running bdadiagcluster...
INFO: Please get the Big Data Appliance cluster diagnostic bundle at



To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.