[
https://issues.apache.org/jira/browse/AMBARI-10709?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14519894#comment-14519894
]
Robert Levas commented on AMBARI-10709:
---------------------------------------
[~lazurinke], Does AMBARI-9783 address any of your issues with enabled Kerberos
via Ambari?
> Kerberos automation via generated scripts
> -----------------------------------------
>
> Key: AMBARI-10709
> URL: https://issues.apache.org/jira/browse/AMBARI-10709
> Project: Ambari
> Issue Type: New Feature
> Components: security
> Reporter: Laser
>
> Currently Amabari project does not provide a way for very security conscious
> clients to get editable scripts to be run on their system .
> In a real world scenario with enterprise level customers, there will be no
> way that these customers will let the Ambari wizard run anything on the
> organization LDAP server .
> What we suggest to contribute is a framework which is based on "IBM''s
> kerberos automation toolkit for hadoop ", more details can be found here :
> https://developer.ibm.com/hadoop/blog/2014/12/11/ibms-kerberos-automation-toolkit-hadoop/
> This toolkit supports building scripts and other resources for both
> "openLDAP" and "Active Directory" in order to ease up the configuration of
> kerberos on hadoop enviornments for security concious clients . these scripts
> and artifacts are created based on the clients topology . and have been
> tested at various client sites.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
