Install kerberos with AD

[Ivan Garcia <ig...@yahoo.com>]

Hi,

I'm trying to install kerberos with AD through Ambari. With the cvs file create by ambari, I launch the kerberos-setup.sh script with sudo command (because I don't have root access to the machines) and after that I can't use sudo anymore because it shows the next message:

"sudo: effective uid is not 0, is sudo installed setuid root?"

This happens because the script change the permission to the sudo executable, and I don't know how to solve this problem.

Do I need root account to perform this operation or I'm doing something wrong?

Thanks in advance.

Re: Install kerberos with AD

[Robert Levas <rl...@hortonworks.com>]

Hi Ivan…

What version of Ambari are you using?

The kerberos-setup.sh script is not compatible with Active Directory… it is meant to be used with an MIT KDC.  For Active Directory, you will need to crate the accounts and keytab files manually.  You will also need to distribute the keytab files that you generate.  The CSV file should help guide you as far as what principals and keytab files are needed and where to store them.

Rob


From: Ivan Garcia <ig...@yahoo.com>>
Reply-To: "user@ambari.apache.org<ma...@ambari.apache.org>" <us...@ambari.apache.org>>, Ivan Garcia <ig...@yahoo.com>>
Date: Monday, November 23, 2015 at 6:53 AM
To: "user@ambari.apache.org<ma...@ambari.apache.org>" <us...@ambari.apache.org>>
Subject: Install kerberos with AD

Hi,

I'm trying to install kerberos with AD through Ambari. With the cvs file create by ambari, I launch the kerberos-setup.sh script with sudo command (because I don't have root access to the machines) and after that I can't use sudo anymore because it shows the next message:

"sudo: effective uid is not 0, is sudo installed setuid root?"

This happens because the script change the permission to the sudo executable, and I don't know how to solve this problem.

Do I need root account to perform this operation or I'm doing something wrong?

Thanks in advance.