You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ambari.apache.org by "Robert Levas (JIRA)" <ji...@apache.org> on 2016/11/04 21:14:58 UTC
[jira] [Updated] (AMBARI-18804) Manage Ambari principals should be
set to off when upgrading Ambari from versions < 2.4.0
[ https://issues.apache.org/jira/browse/AMBARI-18804?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert Levas updated AMBARI-18804:
----------------------------------
Priority: Critical (was: Major)
> Manage Ambari principals should be set to off when upgrading Ambari from versions < 2.4.0
> -----------------------------------------------------------------------------------------
>
> Key: AMBARI-18804
> URL: https://issues.apache.org/jira/browse/AMBARI-18804
> Project: Ambari
> Issue Type: Bug
> Components: ambari-server
> Affects Versions: 2.4.0
> Reporter: Robert Levas
> Assignee: Robert Levas
> Priority: Critical
> Fix For: 2.4.2
>
>
> Since users would have manually set up the Ambari principal after enabling Kerberos using {{ambari-server setup-security}} {{option #3}} ("Setup Ambari kerberos JAAS configuration") in Ambari versions before 2.4.0, there is no need to configure Ambari to automatically manage its principals after an upgrade to version 2.4.0 and above.
> Therefore, upon upgrade to Ambari 2.4.0 or above, the upgrade process (in {{UpgradeCatalog240}}) should ensure that "kerberos-env/create_ambari_principal}} is set to "false". By default this value will be set to "true" after {{org.apache.ambari.server.upgrade.AbstractUpgradeCatalog#addNewConfigurationsFromXml}} is executed.
> Note: This may have an effect on Ambari versions 2.4.2 and above if Kerberos authentication is enabled and the SPNEGO ({{HTTP/_HOST}}) principal and keytab file is already created and installed.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)