Skip to content
This repository was archived by the owner on Apr 18, 2024. It is now read-only.

Commit efadeab

Browse files
smithzcsmithzc
committed
KDC Domain Change
1 parent dc89a68 commit efadeab

File tree

3 files changed

+56
-4
lines changed

3 files changed

+56
-4
lines changed

v6/scripts/boot.sh

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -225,5 +225,57 @@ for i in `seq 1 ${#iqn[@]}`; do
225225
done;
226226
done;
227227
fi
228+
# Kerberos Workstation Setup
229+
EXECNAME="KERBEROS"
230+
log "-> INSTALL"
231+
yum install krb5-workstation
232+
233+
KERBEROS_PASSWORD="SOMEPASSWORD"
234+
OPC_USER_PASSWORD="somepassword"
235+
kdc_server="cdh-utility-1"
236+
kdc_fqdn=`host $kdc_server | gawk '{print $1}'`
237+
realm="hadoop.com"
238+
REALM="HADOOP.COM"
239+
log "-> CONFIG"
240+
rm -f /etc/krb5.conf
241+
cat > /etc/krb5.conf << EOF
242+
# Configuration snippets may be placed in this directory as well
243+
includedir /etc/krb5.conf.d/
244+
245+
[libdefaults]
246+
default_realm = ${REALM}
247+
dns_lookup_realm = false
248+
dns_lookup_kdc = false
249+
rdns = false
250+
ticket_lifetime = 24h
251+
renew_lifetime = 7d
252+
forwardable = true
253+
udp_preference_limit = 1000000
254+
default_tkt_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1
255+
default_tgs_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1
256+
permitted_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1
257+
258+
[realms]
259+
${REALM} = {
260+
kdc = ${kdc_fqdn}:88
261+
admin_server = ${kdc_fqdn}:749
262+
default_domain = ${realm}
263+
}
264+
265+
[domain_realm]
266+
.${realm} = ${REALM}
267+
${realm} = ${REALM}
268+
269+
[kdc]
270+
profile = /var/kerberos/krb5kdc/kdc.conf
271+
272+
[logging]
273+
kdc = FILE:/var/log/krb5kdc.log
274+
admin_server = FILE:/var/log/kadmin.log
275+
default = FILE:/var/log/krb5lib.log
276+
EOF
277+
log "-> Principal & ticket"
278+
echo -e "${KERBEROS_PASSWORD}\naddprinc -randkey host/client.${REALM}\nktadd host/kdc.${REALM}" | kadmin -p root/admin
279+
228280
EXECNAME="END"
229281
log "->DONE"

v6/scripts/cm_boot_mysql.sh

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -61,8 +61,8 @@ KERBEROS_PASSWORD="SOMEPASSWORD"
6161
OPC_USER_PASSWORD="somepassword"
6262
kdc_server=$(hostname)
6363
kdc_fqdn=`host $kdc_server | gawk '{print $1}'`
64-
realm=`echo $kdc_fqdn | cut -d '.' -f 3-5`
65-
REALM=`echo $realm | tr [:lower:] [:upper:]`
64+
realm="hadoop.com"
65+
REALM="HADOOP.COM"
6666
log "-> CONFIG"
6767
rm -f /etc/krb5.conf
6868
cat > /etc/krb5.conf << EOF

v6/scripts/cm_boot_postgres.sh

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -61,8 +61,8 @@ KERBEROS_PASSWORD="SOMEPASSWORD"
6161
OPC_USER_PASSWORD="somepassword"
6262
kdc_server=$(hostname)
6363
kdc_fqdn=`host $kdc_server | gawk '{print $1}'`
64-
realm=`echo $kdc_fqdn | cut -d '.' -f 3-5`
65-
REALM=`echo $realm | tr [:lower:] [:upper:]`
64+
realm="hadoop.com"
65+
REALM="HADOOP.COM"
6666
log "-> CONFIG"
6767
rm -f /etc/krb5.conf
6868
cat > /etc/krb5.conf << EOF

0 commit comments

Comments
 (0)