I'm very new at kerberos, so the question may not be expressed in the best way...
I have a Solaris 10 system that connects with a Hadoop cluster.
The Solaris system is a non-global zone on a global system that is hosting a number of other zones, so backing out the patch would be difficult because I would need to get down time on all of the zones running there.
Authentication for Hadoop was set up using Kerberos.
When we applied the latest Solaris 10 patch bundle (Sept 2016), our authentication using a keytab file quit working.
Authentication for a user still seems to work.
The only patch I see that mentions Kerberos is: 147793. This patch bundle went from the -17 to the -20.
When doing a kinit -k -t xform.keytab I get the following...
kinit(v5): Key table entry not found while getting initial credentials
Results from a klist -ket xform.keytab
klist -ket xform.keytab
Keytab name: FILE: /xform.keytab
KVNO Timestamp Principal
---- ---------------- ----------------------------------------------------------
0 27/09/2016 11:43 xform@CORP.COMPANY.COM (AES-128 CTS mode with 96-bit SHA-1 HMAC)
0 27/09/2016 11:43 xform@CORP.COMPANY.COM (ArcFour with HMAC/md5)
The krb5.conf file is fairly large, so I did not post it here.
The kinit worked before we applied the Sept 2016 Recommended patch bundle. It is an assumption on my part that the 147793 patch is the one that impacted this.
Does anyone have any hints as to how to go about troubleshooting this, or what needs to be done to fix it?
This is in our development environment, and I need to get this resolved before we patch production next week.