Changing the Password for the Kerberos Administrator

Scenario

Periodically change the password for the Kerberos administrator kadmin to improve the system O&M security.

If the user password is changed, the OMS Kerberos administrator password is changed as well.

Prerequisites

You have installed the client on any node in the cluster and obtain the IP address of the node.

Procedure

1. Log in to the node where the client is installed as user root.
2. Run the following command to go to the client directory, such as /opt/hadoopclient:

   cd /opt/hadoopclient

3. Run the following command to configure environment variables:

   source bigdata_env

4. Run the following command to change the password for kadmin/admin. The password changing takes effect on all servers.

   kpasswd kadmin/admin

   The password complexity requirements are as follows by default:

   • The password contains at least 8 characters.
   • The password must contain at least four types of the following: lowercase letters, uppercase letters, digits, spaces, and special characters which can only be ~`!?,.;-_'(){}[]/<>@#$%^&*+|\=.
   • The password cannot be the same as the username or reverse username.
   • The password cannot be a common password that is easy to crack, for example, Admin@12345.
   • The password cannot be the same as the password that used in latest N times. N indicates the value of Repetition Rule in Configuring Password Policies.