You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by "Hadoop QA (JIRA)" <ji...@apache.org> on 2015/01/19 05:57:34 UTC
[jira] [Commented] (AMBARI-9170) Principal creation for Active
Directory accounts should be configurable
[ https://issues.apache.org/jira/browse/AMBARI-9170?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14282136#comment-14282136 ]
Hadoop QA commented on AMBARI-9170:
-----------------------------------
{color:red}-1 overall{color}. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12693005/AMBARI-9170_01.patch
against trunk revision .
{color:green}+1 @author{color}. The patch does not contain any @author tags.
{color:green}+1 tests included{color}. The patch appears to include 8 new or modified test files.
{color:green}+1 javac{color}. The applied patch does not increase the total number of javac compiler warnings.
{color:green}+1 release audit{color}. The applied patch does not increase the total number of release audit warnings.
{color:red}-1 core tests{color}. The test build failed in ambari-server
Test results: https://builds.apache.org/job/Ambari-trunk-test-patch/1376//testReport/
Console output: https://builds.apache.org/job/Ambari-trunk-test-patch/1376//console
This message is automatically generated.
> Principal creation for Active Directory accounts should be configurable
> -----------------------------------------------------------------------
>
> Key: AMBARI-9170
> URL: https://issues.apache.org/jira/browse/AMBARI-9170
> Project: Ambari
> Issue Type: Improvement
> Components: ambari-server
> Affects Versions: 2.0.0
> Reporter: Robert Levas
> Assignee: Robert Levas
> Labels: active_directory, kerberos
> Fix For: 2.0.0
>
> Attachments: AMBARI-9170_01.patch
>
>
> The properties used to create accounts in an Active Directory, related to principal creation, should be configurable such that a user may specify the required fields and their values (with variable replacement).
> This may be done using a simple structure like XML or JSON, however a template facility (like Jinja2) may be more useful since conditional paths may be built in. The template should be stored in the {{kerberos-env}} configuration.
> An example of a need for a conditional path in a template is related to _service_ accounts vs _user_ accounts. A _service_ account (such as nn/\_HOST@REALM) should have the {{servicePrincipalName}} field set to the service's principal, where this value shouldn't be set for a _user_ account (such as hdfs@REALM).
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)