• MapReduce Service

mrs
  1. Help Center
  2. MapReduce Service
  3. User Guide
  4. MRS Manager Operation Guide
  5. Security Management
  6. Changing the Password for the OMS Kerberos Administrator

Changing the Password for the OMS Kerberos Administrator

Scenario

Periodically change the password for OMS Kerberos administrator kadmin of the MRS cluster to improve the system O&M security.

If the user password is changed, the Kerberos administrator password is changed as well.

Prerequisites

A client has been prepared on the Master1 node.

Procedure

  1. Log in to the Master1 node.
  2. Run the following command to switch the user:

    sudo su - omm

  3. Run the following command to go to the related directory:

    cd ${BIGDATA_HOME}/om-0.0.1/meta-0.0.1-SNAPSHOT/kerberos/scripts

  4. Run the following command to configure the environment variables:

    source component_env

  5. Run the following command to change the password for kadmin/admin. The password change takes effect on all servers.

    kpasswd kadmin/admin

    For the MRS 1.6.0 or later cluster, the password complexity requirements are as follows:
    • The password must contain 8 to 32 characters.
    • The password must contain at least three types of the following: lowercase letters, uppercase letters, digits, spaces, and special characters which can only be ~`!?,.:;-_'(){}[]/<>@#$%^&*+|\=
    • The password cannot be the same as the username or reverse username.
    For the MRS 1.5.0 cluster, the password complexity requirements are as follows:
    • The password must contain 6 to 32 characters.
    • The password must contain at least two types of the following: lowercase letters, uppercase letters, digits, spaces, and special characters which can only be ~`!?,.:;-_'(){}[]/<>@#$%^&*+|\=
    • The password cannot be the same as the username or reverse username.
    NOTE:

    For MRS clusters of other versions, the password complexity requirements are as follows:

    • The password must contain at least eight characters.
    • The password must contain at least four types of the following: lowercase letters, uppercase letters, digits, spaces, and special characters which can only be ~`!?,.:;-_'(){}[]/<>@#$%^&*+|\=
    • The password cannot be the same as the username or reverse username.
    • The password cannot be the same as the previous password.