Updated on 2024-10-11 GMT+08:00

Changing the Password for the OMS Kerberos Administrator

Scenario

It is recommended that the administrator periodically change the password of OMS Kerberos administrator kadmin to improve the system O&M security.

If the user password is changed, the Kerberos administrator password is changed as well.

Procedure

  1. Log in to any management node in the cluster as user omm.
  2. Run the following command to go to the related directory:

    cd ${BIGDATA_HOME}/om-server/om/meta-0.0.1-SNAPSHOT/kerberos/scripts

  3. Run the following command to set environment variables:

    source component_env

  4. Run the following command to change the password for kadmin/admin. This operation takes effect for all servers. Keep the password secure because it cannot be retrieved once lost.

    kpasswd kadmin/admin

    The password must meet the following complexity requirements:

    • Contains at least 8 characters.
    • Contains at least four types of the following: uppercase letters, lowercase letters, numbers, and special characters (~`!?,.;-_'(){}[]/<>@#$%^&*+|\=).
    • Cannot be the same as the username or the username spelled backwards.
    • Cannot be a common easily-cracked password, for example, Admin@12345.
    • Cannot be the same as the password used in the last N times. N indicates the value of Repetition Rule in Configuring Password Policies.