I have an Azure Kubernetes Service. I deployed the Apache Ignite image on it.
It works well and I'm using ThinClient to connect to the Ignite. Also, authentication has been enabled.
In the first deployment, Ignite creates a superuser that name and password are "ignite".
I created my own user and tested to connection. It succeeded.
I would like to delete the user created by Apache Ignite, but I couldn't do it.
How can I delete the user?
The default superuser can't be removed, but you should be able to change the default password ALTER USER "ignite" WITH PASSWORD 'newPassword';
Related
I use SQL Developer and some third party jar files for accessing Hive.
When ever there is a Hive service restart - My connection object wont let me connect to Hive after the restart. My admin team need to restart the metastore too. And then few more config changes, admin team does - and then I need to remove the cacerts file, add certificates to cacerts again using Apache knox.
Have any of you faced similar problems and managed to fixed it ?
Thanks
LNC
Sorry for the late response here. This sounds like an issue that has since been resolved with HiveServer2 using a random key for signing the cookie that is used to optimize authentication of each http request for a given session. When HS2 is restarted a new key is created and the Knox server continues to send the previously cached cookie which was signed with the previous random key. There should be no reason to mess with cacerts and the like. A simple - yet annoying - restart of Knox should suffice. You may also turn off cookie based authentication but that will degrade performance.
We're unable to start our JVMs after changing the LDAP server in the Security -> Global Security settings. We get "The user is from a foreign realm, XXXX:289, and this foreign realm is not trusted. Current realm is XXXX".
This error seems straightforward. Yet we cannot find anything wrong with our settings. The "Trusted authentication realms - inbound" looks correct. The settings in the Global Security looks right. The users have been recreated
The process we followed was to update the LDAP server. Remove and added back the Admin group roles so they have the new LDAP server. Then shutdown all the Websphere processes. Run the osgiCfgInit.sh and clearcasecache.sh scripts to clear the cache. Then started the processes back up.
Is there a file or cache we need to modify for our admin user?
I'm trying to secure HDFS cluster on open source DC/OS but it seems it's not an easy thing.
The problem I see in HDFS is the fact that it uses username of current system user so without any form of authentication anyone can just create user with certain username and get superuser permissions on cluster.
So I need any form of authentication. IP auth would be fine(clients with certain IPs can only connect to HDFS) but I couldn't find if there's an option to enable it.
Creating Kerberos for HDFS is not an option because running another service just to run another service to run another service etc. will only give tons of work.
If enabling any form of viable security is impossible, is there any other DC/OS HDFS-like service I can use? I need some HA storage to fetch config files and sometimes jars from Artifact Uris to run services. I also need a place to store parquet files from spark streaming.
Version of DC/OS HDFS is 2.6.x.
Unfortunately it seems that Kerberos is the only real form of authentication in HDFS. Without this, HDFS will trust every user.
After installing Hortonworks sandbox 2.4 I can not find out how to restart service like hbase Hdfs from Ambari.
So what I need to know how to restart hadoop services from Ambari ?
In SandBox 2.4 you have to reset the username and the password for the user Admin
I think you are logging in as maria_dev where this user have the read-only permission, if this is the case,
what you need to do is lancing the script ambari-admin-password-reset , enter username and a password for the user admin and login by this user.
We are running WebSphere Application Server v8.5 on AIX 7, which we configured to use ldap security. Everything is working fine, but project went halt for some time and our WAS was down. Now we see that ldap cerficates were expired, hence we are unable to connect to dmgr & admin console. Can somebody help to resolve it?
We know how to configure ldap on WAS, but dont no how to change expired ldap cerficate with new cerficates. (We received new non-expiry certificates from ldap team but dont no how to configure it on WAS).
You need to disable security, restart dmgr, replace certificates and reenable security.
To disable security:
stop/kill the dmgr
run the following from the dmgr\bin folder:
wsadmin -conntype NONE
At the wsadmin prompt, type securityoff and then type exit.
Restart your dmgr.
UPDATE
Do you have Federated or Standalone Ldap configured? You should have in LDAP configuration link to SSL configuration. There you will need to add your new certificate to the Signers store (this is very simplified description as I'm not sure which repository you are using).