HI Everyone, Has anyone seen this issue. “ Insufficient access while creating “xxx” “
[cid:image001.png@01D27EFF.3E045FC0] My Version krb5-libs-1.10.3-57.el6.x86_64 krb5-server-ldap-1.10.3-57.el6.x86_64 krb5-server-1.10.3-57.el6.x86_64 My acl file */ad...@hadoop.com * Kdc file [kdcdefaults] kdc_ports = 88 kdc_tcp_ports = 88 [realms] HADOOP.COM = { master_key_type = aes256-cts-hmac-sha1-96 acl_file = /var/kerberos/krb5kdc/kadm5.acl dict_file = /usr/share/dict/words admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab key_stash_file = /var/kerberos/krb5kdc/.k5.HADOOP.COM supported_enctypes = des3-cbc-sha1:normal des3-hmac-sha1:normal des3-cbc-sha1-kd:normal aes256-cts-hmac-sha1-96:normal aes256-cts:normal aes256-sha1:normal aes128-cts-hmac-sha1-96:normal aes128-cts:normal aes128-sha1:normal arcfour-hmac:normal rc4-hmac:normal arcfour-hmac-md5:normal iprop_enable = true kadmind_listen = ip-10-21-14-34 kadmind_listen = 24h max_renewable_life = 7d } [logging] kdc = FILE:/data/krb5kdc/logs/kdc.log admin_server = FILE:/data/krb5kdc/logs/kadmin.log Krb file [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = HADOOP.COM dns_lookup_realm = false dns_lookup_kdc = false ticket_lifetime = 24h renew_lifetime = 7d forwardable = false [realms] HADOOP.COM = { kdc = hadoop-2.hadoop.com admin_server = hadoop-2.hadoop.com database_module = openldap_ldapconf default_domain = hadoop.com key_stash_file = /var/kerberos/krb5kdc/.k5.HADOOP.COM dict_file = /usr/share/dict/words } [domain_realm] .hadoop.com = HADOOP.COM hadoop.com = HADOOP.COM [dbdefaults] ldap_kerberos_container_dn = cn=Kerberos,dc=hadoop,dc=com [dbmodules] openldap_ldapconf = { db_library = kldap ldap_conns_per_server = 5 ldap_servers = ldapi:// ldap_kdc_dn = cn=kdc-srv,ou=Control,dc=hadoop,dc=com ldap_kadmind_dn = cn=kdc-adm,ou=Control,dc=hadoop,dc=com ldap_service_password_file = /etc/krb5.ldap } 祝顺利! ________________________________________ Chuanjie Duan 段川杰 软件技术部 手机: 18616563050 邮箱:chuanjie.d...@envisioncn.com<mailto:chuanjie.d...@envisioncn.com> 本邮件(包括任何附件)内容机密并受法律保护。如果您意外地收到这封邮件,请回复通知发件人并从当前系统中删除本邮件。任何未经授权者,严禁使用并部分或者全部的转发本条信息。任何未经授权的使用或传播都是被严格禁止的。远景能源与其分公司不对因不正确和不完整的转发此邮件包含的信息以及因任何因邮件延迟或对你的系统造成的损害而负责。远景能源不能保证此邮件的真实完整性,也不能确定此邮件是否含有病毒或者监听程序。 This email message (including any attachments) is confidential and may be legally privileged. If you have received it by mistake, please notify the sender by return email and delete this message from your system. Any unauthorized use or dissemination of this message in whole or in part is strictly prohibited. Envision Energy Limited and all its subsidiaries shall not be liable for the improper or incomplete transmission of the information contained in this email nor for any delay in its receipt or damage to your system. Envision Energy Limited does not guarantee the integrity of this email message, nor that this email message is free of viruses, interceptions, or interference.
________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos