You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by "Robert Levas (JIRA)" <ji...@apache.org> on 2015/09/24 13:03:05 UTC
[jira] [Updated] (AMBARI-13222) kdc_type lost when updating
kerberos-env via Kerberos service configuration page
[ https://issues.apache.org/jira/browse/AMBARI-13222?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert Levas updated AMBARI-13222:
----------------------------------
Summary: kdc_type lost when updating kerberos-env via Kerberos service configuration page (was: kdc-type lost when updating kerberos-env via Kerberos service configuration page)
> kdc_type lost when updating kerberos-env via Kerberos service configuration page
> --------------------------------------------------------------------------------
>
> Key: AMBARI-13222
> URL: https://issues.apache.org/jira/browse/AMBARI-13222
> Project: Ambari
> Issue Type: Bug
> Components: ambari-web
> Affects Versions: 2.1.1
> Reporter: Robert Levas
> Assignee: Robert Levas
> Priority: Critical
> Labels: regression
> Fix For: 2.1.2
>
>
> After editing the kerberos-env configuration using Ambari's Kerberos service configuration page and saving the new configuration, the {{kdc_type}} property is lost and not saved with the new configuration.
> *By loosing this value, any future Kerberos-related operations will fail with errors since the mandatory kerberos-env/kdc_type property will be missing.*
> {code:title=kerberos-env before update}
> {
> "kdc_type": "mit-kdc",
> "password_min_uppercase_letters": "1",
> "password_min_whitespace": "0",
> "password_min_punctuation": "1",
> "password_min_digits": "1",
> "encryption_types": "aes des3-cbc-sha1 rc4 des-cbc-md5",
> "kdc_create_attributes": "",
> "admin_server_host": "host1",
> "password_min_lowercase_letters": "1",
> "container_dn": "",
> "password_length": "20",
> "case_insensitive_username_rules": "false",
> "manage_identities": "true",
> "service_check_principal_name": "${cluster_name}-${short_date}",
> "kdc_host": "host1",
> "ad_create_attributes_template": "\n{\n \"objectClass\": [\"top\", \"person\", \"organizationalPerson\", \"user\"],\n \"cn\": \"$principal_name\",\n #if( $is_service )\n \"servicePrincipalName\": \"$principal_name\",\n #end\n \"userPrincipalName\": \"$normalized_principal\",\n \"unicodePwd\": \"$password\",\n \"accountExpires\": \"0\",\n \"userAccountControl\": \"66048\"\n}",
> "install_packages": "true",
> "realm": "EXAMPLE.COM",
> "ldap_url": "",
> "executable_search_paths": "/usr/bin, /usr/kerberos/bin, /usr/sbin, /usr/lib/mit/bin, /usr/lib/mit/sbin"
> }
> {code}
> {code:title=kerberos-env after update}
> {
> "password_min_uppercase_letters": "1",
> "password_min_whitespace": "0",
> "password_min_punctuation": "1",
> "password_min_digits": "1",
> "encryption_types": "aes des3-cbc-sha1 rc4 des-cbc-md5",
> "kdc_create_attributes": "",
> "admin_server_host": "hist1:88",
> "password_min_lowercase_letters": "1",
> "container_dn": "",
> "password_length": "20",
> "case_insensitive_username_rules": "false",
> "manage_identities": "true",
> "service_check_principal_name": "${cluster_name}-${short_date}",
> "kdc_host": "host1:88",
> "ad_create_attributes_template": "\n{\n \"objectClass\": [\"top\", \"person\", \"organizationalPerson\", \"user\"],\n \"cn\": \"$principal_name\",\n #if( $is_service )\n \"servicePrincipalName\": \"$principal_name\",\n #end\n \"userPrincipalName\": \"$normalized_principal\",\n \"unicodePwd\": \"$password\",\n \"accountExpires\": \"0\",\n \"userAccountControl\": \"66048\"\n}",
> "install_packages": "true",
> "realm": "EXAMPLE.COM",
> "ldap_url": "",
> "executable_search_paths": "/usr/bin, /usr/kerberos/bin, /usr/sbin, /usr/lib/mit/bin, /usr/lib/mit/sbin"
> }
> {code}
> {code:title=Javascript Error}
> Uncaught TypeError: Cannot read property 'get' of undefined
> App.MainServiceInfoConfigsController.Em.Controller.extend.prepareConfigObjects @ app.js:22525
> App.MainServiceInfoConfigsController.Em.Controller.extend.parseConfigData @ app.js:22490
> App.ConfigsLoader.Em.Mixin.create.loadCurrentVersionsSuccess @ app.js:61506
> Em.Object.extend.send.opt.success @ app.js:154010
> f.Callbacks.o @ vendor.js:125
> f.Callbacks.p.fireWith @ vendor.js:125
> w @ vendor.js:127
> f.support.ajax.f.ajaxTransport.c.send.d @ vendor.js:127
> app.js:55160 App.componentConfigMapper execution time: 1.048ms
> {code}
> *Steps to reproduce*
> # Create cluster (Zookeeper-only is fine)
> # Enable Kerberos (any KDC, MIT KDC is fine)
> # Browse to Kerberos service configuration page
> # Change a value (maybe add or remove the port for the KDC server value)
> # Save the configuration
> # After view refreshes, the waiting icon appears and does not go away
> *Workaround*
> Manually add the {{kerberos-env/kdc_type}} property back to the current kerberos-env configuration. The value must be either "mit-kdc" or "active-directory" and must be the correct one for the configuration. Once this is done, Ambari should be restarted so that any cached configuration data is refreshed.
> This can also be fixed using {{/var/lib/ambari-server/resources/scripts/configs.sh}}.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)