Mammoth Migration for the Host with Cloudera Manager Role Fails on Step 4, StartHadoopServices, with "ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)"
(Doc ID 2860949.1)
Last updated on APRIL 17, 2023
Applies to:Big Data Appliance Integrated Software - Version 4.13.0 and later
Performing a mammoth migration for the host with Cloudera Manager (CM) role, Node 3 by default, on a BDA cluster with AD Kerberos following:
Node 3 Migration and Recommission on Oracle Big Data Appliance V4.11 and Higher (Doc ID 2524859.1)
Node 3 Migration and Reprovision on Oracle Big Data Appliance V4.1 OL6 Hadoop Cluster to Manage a Hardware Failure (Doc ID 1984854.1)
fails in Step 4, StartHadoopServices, with errors like below:
ERROR: ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
ERROR: Unable to create hdfs user on the Active Directory, please make sure that the Oracle OS and Cloudera admin passwords meet your Active Directory password restrictions before continuing.
The associated log, cat <HOSTNAME1>-<TIMESTAMP>.trc, shows that it is not possible for mammoth migration to create the users needed for the migration:
GridSteps::MsgPrint('EE', 'Unable to create hdfs user on the Active Directory, please ma...') called at MammothSteps/SetupADKDC.pm line 448
MammothSteps::SetupADKDC::CreateADUser('hdfs', '', 'EntAnlytcsHdpPltfrmQa_bdatestuser', 'true') called at MammothSteps/SetupADKDC.pm line 536
MammothSteps::SetupADKDC::CreateTestUsersActiveDirectory() called at MammothSteps/StartHadoopServices.pm line 191
MammothSteps::StartHadoopServices::StartHadoopServices() called at /opt/oracle/BDAMammoth/bdaconfig/GridInst.pl line 390
Additional Symptoms are:
1. The failing command executes properly when run manually:
2. Following, Troubleshooting Mammoth Step 1 AD Kerberos Failures (Doc ID 2486605.1), especially steps 8 and 9 does not identify any problems.
Step 8 is: Verify that /opt/oracle/bda/install/state/config.json and /etc/krb5.conf resembles the Cloudera Manager configuration.
Step 9 is: Manually verify the certificate. The check is against .crt file not the .cer file. Do so as follows on Node 1 of the cluster.
Note however if any issues are found following, Troubleshooting Mammoth Step 1 AD Kerberos Failures (Doc ID 2486605.1), make sure to correct them.
3. Confirm the KERBEROS_KDC, AD_PORT, AD_USER and KERBEROS_REALM are correct in the /opt/oracle/bda/install/state/config.json on the Mammoth node. If any of these values is incorrect see the Solution section of this note to correct them.
4. Confirm if the AD_PWD parameter is missing from /opt/oracle/bda/install/state/config.json. If this is missing see the Solution section of this note to correct that.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document
|When any of the values KERBEROS_KDC, AD_PORT, AD_USER and KERBEROS_REALM are incorrect in /opt/oracle/bda/install/state/config.json on the Mammoth node|
|If the AD_PWD parameter is missing from /opt/oracle/bda/install/state/config.json|
|Complete the Mammoth Migration|
|Post Mammoth Migration Clean Up|