[
https://issues.apache.org/jira/browse/AMBARI-10479?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14495119#comment-14495119
]
Hadoop QA commented on AMBARI-10479:
------------------------------------
{color:red}-1 overall{color}. Here are the results of testing the latest
attachment
http://issues.apache.org/jira/secure/attachment/12725383/AMBARI-10479_01.patch
against trunk revision .
{color:green}+1 @author{color}. The patch does not contain any @author
tags.
{color:green}+1 tests included{color}. The patch appears to include 1 new
or modified test files.
{color:green}+1 javac{color}. The applied patch does not increase the
total number of javac compiler warnings.
{color:green}+1 release audit{color}. The applied patch does not increase
the total number of release audit warnings.
{color:red}-1 core tests{color}. The test build failed in ambari-server
Test results:
https://builds.apache.org/job/Ambari-trunk-test-patch/2341//testReport/
Console output:
https://builds.apache.org/job/Ambari-trunk-test-patch/2341//console
This message is automatically generated.
> Add the ability to enable Kerberos and not manage identities
> ------------------------------------------------------------
>
> Key: AMBARI-10479
> URL: https://issues.apache.org/jira/browse/AMBARI-10479
> Project: Ambari
> Issue Type: Task
> Components: ambari-server
> Affects Versions: 2.1.0
> Reporter: Robert Levas
> Assignee: Robert Levas
> Labels: kerberos
> Fix For: 2.1.0
>
> Attachments: AMBARI-10479_01.patch
>
>
> Add the ability to enable Kerberos and not manage identities. This should be
> done by allowing a user to specify whether all relevant Kerberos identities
> _should_ or _should not_ be managed by Ambari.
> A *kerberos-env* property named *manage_identities* is to be added where its
> value may be either _true_ or _false_. By default the value is _true_ (or
> rather _not false_).
> If _not false_, Ambari will access the registered KDC to create, update, and
> delete Kerberos identities as needed. Ambari will also create, distribute,
> and delete keytab files as needed. Because of this, the KDC administrator
> credentials are required. This is the current behavior of Ambari 2.0.0.
> If _false_, Ambari will *not* access the registered KDC to create, update, or
> delete Kerberos identities. It will also *not* create, distribute, or delete
> keytab files. Not KDC administrator credentials will be needed.
> Note: a lot of this work has been done for AMBARI-10305. A current known
> problem with the solution for AMBARI-10305 is that the Kerberos service check
> fails when kerberos-env/manage_identities is false due to missing data since
> the special smoke user was not created.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
