Unlocking the LDAP Management Account of the MRS Cluster
If the LDAP user cn=pg_search_dn,ou=Users,dc=hadoop,dc=com and LDAP management accounts cn=krbkdc,ou=Users,dc=hadoop,dc=com and cn=krbadmin,ou=Users,dc=hadoop,dc=com are locked, the administrator must unlock these accounts.
- If you input an incorrect password for the LDAP user or management account for five consecutive times, the LDAP user or management account is locked. The account is automatically unlocked after 5 minutes.
- This function is available in MRS 3.x and later only.
- Log in to the active management node as user omm.
- Run the following command to go to the related directory:
cd ${BIGDATA_HOME}/om-server/om/ldapserver/ldapserver/local/script
- Run the following command to unlock the LDAP user or management account:
./ldapserver_unlockUsers.sh USER_NAME
In the command, USER_NAME indicates the name of the user to be unlocked.
For example, to unlock the LDAP management account cn=krbkdc,ou=Users,dc=hadoop,dc=com, run the following command:
./ldapserver_unlockUsers.sh krbkdc
After the script is executed, enter the password of user krbkdc next to ROOT_DN_PASSWORD. If the following information is displayed, the unlocking is successful:
Unlock user krbkdc successfully.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
