主机系统:centos7
发行版:hdp 3.0.1.0-187
安装kdc
单独找一台额外的服务器安装kdc服务。
yum install krb5-server
systemctl enable krb5kdc kadmin
配置kadmin用户,编辑/var/kerberos/krb5kdc/kadm5.acl
*/admin@BIGDATA.COM *
编辑/etc/krb5.conf
# Configuration snippets may be placed in this directory as well
includedir /etc/krb5.conf.d/
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
dns_lookup_realm = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false
pkinit_anchors = FILE:/etc/pki/tls/certs/ca-bundle.crt
default_realm = BIGDATA.COM
default_ccache_name = KEYRING:persistent:%{uid}
[realms]
BIGDATA.COM = {
admin_server =…
ambari开启kerberos说明
发布于