You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by "Robert Levas (JIRA)" <ji...@apache.org> on 2015/09/24 13:03:05 UTC

[jira] [Updated] (AMBARI-13222) kdc_type lost when updating kerberos-env via Kerberos service configuration page

     [ https://issues.apache.org/jira/browse/AMBARI-13222?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Robert Levas updated AMBARI-13222:
----------------------------------
    Summary: kdc_type lost when updating kerberos-env via Kerberos service configuration page  (was: kdc-type lost when updating kerberos-env via Kerberos service configuration page)

> kdc_type lost when updating kerberos-env via Kerberos service configuration page
> --------------------------------------------------------------------------------
>
>                 Key: AMBARI-13222
>                 URL: https://issues.apache.org/jira/browse/AMBARI-13222
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-web
>    Affects Versions: 2.1.1
>            Reporter: Robert Levas
>            Assignee: Robert Levas
>            Priority: Critical
>              Labels: regression
>             Fix For: 2.1.2
>
>
> After editing the kerberos-env configuration using Ambari's Kerberos service configuration page and saving the new configuration, the {{kdc_type}} property is lost and not saved with the new configuration.
> *By loosing this value, any future Kerberos-related operations will fail with errors since the mandatory kerberos-env/kdc_type property will be missing.*
> {code:title=kerberos-env before update}
> {
>   "kdc_type": "mit-kdc",
>   "password_min_uppercase_letters": "1",
>   "password_min_whitespace": "0",
>   "password_min_punctuation": "1",
>   "password_min_digits": "1",
>   "encryption_types": "aes des3-cbc-sha1 rc4 des-cbc-md5",
>   "kdc_create_attributes": "",
>   "admin_server_host": "host1",
>   "password_min_lowercase_letters": "1",
>   "container_dn": "",
>   "password_length": "20",
>   "case_insensitive_username_rules": "false",
>   "manage_identities": "true",
>   "service_check_principal_name": "${cluster_name}-${short_date}",
>   "kdc_host": "host1",
>   "ad_create_attributes_template": "\n{\n  \"objectClass\": [\"top\", \"person\", \"organizationalPerson\", \"user\"],\n  \"cn\": \"$principal_name\",\n  #if( $is_service )\n  \"servicePrincipalName\": \"$principal_name\",\n  #end\n  \"userPrincipalName\": \"$normalized_principal\",\n  \"unicodePwd\": \"$password\",\n  \"accountExpires\": \"0\",\n  \"userAccountControl\": \"66048\"\n}",
>   "install_packages": "true",
>   "realm": "EXAMPLE.COM",
>   "ldap_url": "",
>   "executable_search_paths": "/usr/bin, /usr/kerberos/bin, /usr/sbin, /usr/lib/mit/bin, /usr/lib/mit/sbin"
> }
> {code}
> {code:title=kerberos-env after update}
> {
>   "password_min_uppercase_letters": "1",
>   "password_min_whitespace": "0",
>   "password_min_punctuation": "1",
>   "password_min_digits": "1",
>   "encryption_types": "aes des3-cbc-sha1 rc4 des-cbc-md5",
>   "kdc_create_attributes": "",
>   "admin_server_host": "hist1:88",
>   "password_min_lowercase_letters": "1",
>   "container_dn": "",
>   "password_length": "20",
>   "case_insensitive_username_rules": "false",
>   "manage_identities": "true",
>   "service_check_principal_name": "${cluster_name}-${short_date}",
>   "kdc_host": "host1:88",
>   "ad_create_attributes_template": "\n{\n  \"objectClass\": [\"top\", \"person\", \"organizationalPerson\", \"user\"],\n  \"cn\": \"$principal_name\",\n  #if( $is_service )\n  \"servicePrincipalName\": \"$principal_name\",\n  #end\n  \"userPrincipalName\": \"$normalized_principal\",\n  \"unicodePwd\": \"$password\",\n  \"accountExpires\": \"0\",\n  \"userAccountControl\": \"66048\"\n}",
>   "install_packages": "true",
>   "realm": "EXAMPLE.COM",
>   "ldap_url": "",
>   "executable_search_paths": "/usr/bin, /usr/kerberos/bin, /usr/sbin, /usr/lib/mit/bin, /usr/lib/mit/sbin"
> }
> {code}
> {code:title=Javascript Error}
> Uncaught TypeError: Cannot read property 'get' of undefined
> App.MainServiceInfoConfigsController.Em.Controller.extend.prepareConfigObjects @ app.js:22525
> App.MainServiceInfoConfigsController.Em.Controller.extend.parseConfigData @ app.js:22490
> App.ConfigsLoader.Em.Mixin.create.loadCurrentVersionsSuccess @ app.js:61506
> Em.Object.extend.send.opt.success @ app.js:154010
> f.Callbacks.o @ vendor.js:125
> f.Callbacks.p.fireWith @ vendor.js:125
> w @ vendor.js:127
> f.support.ajax.f.ajaxTransport.c.send.d @ vendor.js:127
> app.js:55160 App.componentConfigMapper execution time: 1.048ms
> {code}
> *Steps to reproduce*
> # Create cluster (Zookeeper-only is fine)
> # Enable Kerberos (any KDC, MIT KDC is fine)
> # Browse to Kerberos service configuration page
> # Change a value (maybe add or remove the port for the KDC server value)
> # Save the configuration
> # After view refreshes, the waiting icon appears and does not go away
> *Workaround*
> Manually add the {{kerberos-env/kdc_type}} property back to the current kerberos-env configuration.  The value must be either "mit-kdc" or "active-directory" and must be the correct one for the configuration.  Once this is done, Ambari should be restarted so that any cached configuration data is refreshed. 
> This can also be fixed using {{/var/lib/ambari-server/resources/scripts/configs.sh}}.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)