Updated on 2025-12-10 GMT+08:00

Unlocking the LDAP Management Account of the MRS Cluster

If the LDAP user cn=pg_search_dn,ou=Users,dc=hadoop,dc=com and LDAP management accounts cn=krbkdc,ou=Users,dc=hadoop,dc=com and cn=krbadmin,ou=Users,dc=hadoop,dc=com are locked, the administrator must unlock these accounts.

Notes and Constraints

  • If you enter an incorrect password for the LDAP user or management account five consecutive times, the account is automatically locked. Locked accounts are automatically unlocked after five minutes.
  • This function is available only in MRS 3.x or later.

Procedure

  1. Log in to the active management node as user omm.
  2. Run the following command to go to the related directory:

    cd ${BIGDATA_HOME}/om-server/om/ldapserver/ldapserver/local/script

  3. Run the following command to unlock the LDAP user or management account:

    ./ldapserver_unlockUsers.sh USER_NAME

    In the command, USER_NAME indicates the name of the user to be unlocked.

    For example, to unlock the LDAP management account cn=krbkdc,ou=Users,dc=hadoop,dc=com, run the following command:

    ./ldapserver_unlockUsers.sh krbkdc

    After the script is executed, enter the password of user krbkdc at the ROOT_DN_PASSWORD prompt. If the following information is displayed, the unlocking is successful:

    Unlock user krbkdc successfully.
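
The procedure above can be wrapped with a few guardrails so that only the expected accounts are unlocked and the result is confirmed against the documented success message. This is an added example, not part of the MRS tooling or the original page; the function name unlock_ldap_account, the REQUIRED_USER variable and the restriction to the three accounts named on this page are assumptions.

```shell
#!/bin/sh
# Added example, not MRS tooling. unlock_ldap_account and REQUIRED_USER are
# hypothetical names; the path, script name and success line are from the page.

# The procedure runs as omm; the override exists only for dry runs.
REQUIRED_USER="${REQUIRED_USER:-omm}"

unlock_ldap_account() {
    user="$1"
    # Assumption: restrict to the three accounts this page covers, by short
    # name only, so a DN or shell metacharacters never reach the script.
    case "$user" in
        pg_search_dn|krbkdc|krbadmin) ;;
        *) echo "refusing: '$user' is not pg_search_dn, krbkdc or krbadmin" >&2
           return 2 ;;
    esac
    if [ "$(id -un 2>/dev/null)" != "$REQUIRED_USER" ]; then
        echo "refusing: run this as $REQUIRED_USER" >&2
        return 3
    fi
    if [ -z "${BIGDATA_HOME:-}" ]; then
        echo "BIGDATA_HOME is not set" >&2
        return 4
    fi
    dir="$BIGDATA_HOME/om-server/om/ldapserver/ldapserver/local/script"
    if [ ! -x "$dir/ldapserver_unlockUsers.sh" ]; then
        echo "not found or not executable: $dir/ldapserver_unlockUsers.sh" >&2
        return 4
    fi
    # The script prompts for the password itself (ROOT_DN_PASSWORD), so this
    # wrapper never takes the secret as an argument.
    log=$(mktemp) || return 5
    (cd "$dir" && ./ldapserver_unlockUsers.sh "$user") | tee "$log"
    # Judge success by the documented message, not by the exit status alone.
    if grep -Fq "Unlock user $user successfully." "$log"; then
        rc=0
    else
        echo "unlock of $user not confirmed; account may still be locked" >&2
        rc=1
    fi
    rm -f "$log"
    return "$rc"
}

# Usage on the active management node: unlock_ldap_account krbkdc
```

A non-zero return means the success line was not seen; because locked accounts unlock automatically after five minutes, repeated lockouts of the same account are worth investigating rather than repeatedly clearing.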