yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
a41a4e0331fbc0beff63bb28fa59228cc9a751df
doc-exports/docs/mrs/umn/admin_guide_000162.html
yangtong c285e88a17 MRS UMN 20250806 version 
Reviewed-by: Pruthi, Vineet <vineet.pruthi@t-systems.com>
Co-authored-by: yangtong <yangtong2@huawei.com>
Co-committed-by: yangtong <yangtong2@huawei.com>
2025-09-02 10:43:57 +00:00

106 lines
12 KiB
HTML
Raw Blame History

<a name="admin_guide_000162"></a><a name="admin_guide_000162"></a>
<h1 class="topictitle1">Modifying OMS Service Configuration Parameters</h1>
<div id="body1529658735916"><div class="section" id="admin_guide_000162__sc966349c08c44723996237c6b7e403d1"><h4 class="sectiontitle">Scenario</h4><p id="admin_guide_000162__p998015521212">Based on the security requirements of the user environment, you can modify the Kerberos and LDAP configurations in the OMS on <span id="admin_guide_000162__text15946118176">MRS</span> Manager.</p>
</div>
<div class="section" id="admin_guide_000162__sfc16142de0954095bb08beec3e7e3f69"><h4 class="sectiontitle">Impact on the System</h4><p id="admin_guide_000162__p0206052612">After the OMS service configuration parameters are modified, the corresponding OMS module needs to be restarted. In this case, <span id="admin_guide_000162__text1145334910556">MRS</span> Manager cannot be used.</p>
</div>
<div class="section" id="admin_guide_000162__section2053565583820"><h4 class="sectiontitle">Procedure</h4><p id="admin_guide_000162__p1735924517816"><strong id="admin_guide_000162__b335924512814">Modifying the okerberos configuration</strong></p>
<ol id="admin_guide_000162__ol1940516392126"><li id="admin_guide_000162__li1073914753318"><span>Log in to <span id="admin_guide_000162__text8392185112558">MRS</span> Manager and choose <strong id="admin_guide_000162__b354231016128">System</strong> &gt; <strong id="admin_guide_000162__b13227114111219">OMS</strong>.</span></li></ol><ol start="2" id="admin_guide_000162__ol66227710102313"><li id="admin_guide_000162__li751630102226"><span>Locate the row that contains okerberos and click <strong id="admin_guide_000162__b6245725121311">Modify Configuration</strong>.</span></li></ol><ol start="3" id="admin_guide_000162__ol186605552125"><li id="admin_guide_000162__li2795193861413"><span>Modify the parameters according to <a href="#admin_guide_000162__table19796438111412">Table 1</a>.</span><p>
<div class="tablenoborder"><a name="admin_guide_000162__table19796438111412"></a><a name="table19796438111412"></a><table cellpadding="4" cellspacing="0" summary="" id="admin_guide_000162__table19796438111412" frame="border" border="1" rules="all"><caption><b>Table 1 </b>okerberos parameters</caption><thead align="left"><tr id="admin_guide_000162__row679817382146"><th align="left" class="cellrowborder" valign="top" width="17.87%" id="mcps1.3.3.5.1.2.1.2.3.1.1"><p id="admin_guide_000162__p4798638161419"><strong id="admin_guide_000162__b168374492257">Parameter</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="82.13000000000001%" id="mcps1.3.3.5.1.2.1.2.3.1.2"><p id="admin_guide_000162__p7800153811142"><strong id="admin_guide_000162__b103981725132617">Description</strong></p>
</th>
</tr>
</thead>
<tbody><tr id="admin_guide_000162__row380123821413"><td class="cellrowborder" valign="top" width="17.87%" headers="mcps1.3.3.5.1.2.1.2.3.1.1 "><p id="admin_guide_000162__p1680215384145">KDC Timeout (ms)</p>
</td>
<td class="cellrowborder" valign="top" width="82.13000000000001%" headers="mcps1.3.3.5.1.2.1.2.3.1.2 "><p id="admin_guide_000162__p15802133871410">Timeout duration for an application to connect to Kerberos, in milliseconds. The value must be an integer.</p>
</td>
</tr>
<tr id="admin_guide_000162__row680318387148"><td class="cellrowborder" valign="top" width="17.87%" headers="mcps1.3.3.5.1.2.1.2.3.1.1 "><p id="admin_guide_000162__p118031038151419">Max Retries</p>
</td>
<td class="cellrowborder" valign="top" width="82.13000000000001%" headers="mcps1.3.3.5.1.2.1.2.3.1.2 "><p id="admin_guide_000162__p980473816145">Maximum number of retries for an application to connect to Kerberos, in seconds. The value must be an integer.</p>
</td>
</tr>
<tr id="admin_guide_000162__row168046388140"><td class="cellrowborder" valign="top" width="17.87%" headers="mcps1.3.3.5.1.2.1.2.3.1.1 "><p id="admin_guide_000162__p3805153811149">LDAP Timeout (ms)</p>
</td>
<td class="cellrowborder" valign="top" width="82.13000000000001%" headers="mcps1.3.3.5.1.2.1.2.3.1.2 "><p id="admin_guide_000162__p19806153891418">Timeout duration for Kerberos to connect to LDAP, in milliseconds.</p>
</td>
</tr>
<tr id="admin_guide_000162__row280663812145"><td class="cellrowborder" valign="top" width="17.87%" headers="mcps1.3.3.5.1.2.1.2.3.1.1 "><p id="admin_guide_000162__p13807183831410">LDAP Search Timeout (ms)</p>
</td>
<td class="cellrowborder" valign="top" width="82.13000000000001%" headers="mcps1.3.3.5.1.2.1.2.3.1.2 "><p id="admin_guide_000162__p6807143841416">Timeout duration for Kerberos to query user information in LDAP, in milliseconds.</p>
</td>
</tr>
<tr id="admin_guide_000162__row980883820140"><td class="cellrowborder" valign="top" width="17.87%" headers="mcps1.3.3.5.1.2.1.2.3.1.1 "><p id="admin_guide_000162__p178082038131415">Kadmin Listening Port</p>
</td>
<td class="cellrowborder" valign="top" width="82.13000000000001%" headers="mcps1.3.3.5.1.2.1.2.3.1.2 "><p id="admin_guide_000162__p180963861410">Port number of the Kadmin service.</p>
</td>
</tr>
<tr id="admin_guide_000162__row68091638171419"><td class="cellrowborder" valign="top" width="17.87%" headers="mcps1.3.3.5.1.2.1.2.3.1.1 "><p id="admin_guide_000162__p14811538151420">KDC Listening Port</p>
</td>
<td class="cellrowborder" valign="top" width="82.13000000000001%" headers="mcps1.3.3.5.1.2.1.2.3.1.2 "><p id="admin_guide_000162__p781216389148">Port number of the kinit service.</p>
</td>
</tr>
<tr id="admin_guide_000162__row7812038111414"><td class="cellrowborder" valign="top" width="17.87%" headers="mcps1.3.3.5.1.2.1.2.3.1.1 "><p id="admin_guide_000162__p1281303811415">Kpasswd Listening Port</p>
</td>
<td class="cellrowborder" valign="top" width="82.13000000000001%" headers="mcps1.3.3.5.1.2.1.2.3.1.2 "><p id="admin_guide_000162__p128141138171412">Port number of the Kpasswd service.</p>
</td>
</tr>
<tr id="admin_guide_000162__row20966195334515"><td class="cellrowborder" valign="top" width="17.87%" headers="mcps1.3.3.5.1.2.1.2.3.1.1 "><p id="admin_guide_000162__p199671653114511">Reset LDAP Account Password</p>
</td>
<td class="cellrowborder" valign="top" width="82.13000000000001%" headers="mcps1.3.3.5.1.2.1.2.3.1.2 "><p id="admin_guide_000162__p188440395501">Machine-machine users (<strong id="admin_guide_000162__b518054317469">cn=krbadmin,ou=Users,dc=hadoop,dc=com</strong> and <strong id="admin_guide_000162__b64868461466">cn=krbkdc,ou=Users,dc=hadoop,dc=com</strong>) used by Kerberos to access LDAP.</p>
<p id="admin_guide_000162__p5967125311458">If this parameter is selected, the passwords will be replaced by random passwords.</p>
<div class="note" id="admin_guide_000162__note473616595613"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="admin_guide_000162__p673710596614">This parameter is available only in MRS 3.1.2 or later.</p>
</div></div>
</td>
</tr>
</tbody>
</table>
</div>
</p></li><li id="admin_guide_000162__li13428823202711"><span>Click <strong id="admin_guide_000162__b9744151814407">OK</strong>.</span><p><p id="admin_guide_000162__p44291923122716">In the displayed dialog box, enter the password of the current login user and click <strong id="admin_guide_000162__b6500183494017">OK</strong>. In the displayed confirmation dialog box, click <strong id="admin_guide_000162__b652142134010">OK</strong>.</p>
</p></li></ol>
<p class="tableheading" id="admin_guide_000162__p1129317580125"><strong id="admin_guide_000162__b05531719204114">Modifying the oldap configuration</strong></p>
<ol start="5" id="admin_guide_000162__ol9295145814127"><li id="admin_guide_000162__li102951958171211"><span>Locate the row that contains the oldap and click <strong id="admin_guide_000162__b164992299507">Modify Configuration</strong>.</span></li></ol><ol start="6" id="admin_guide_000162__ol16968152813285"><li id="admin_guide_000162__li596815283280"><span>Modify the parameters according to <a href="#admin_guide_000162__table1696932817285">Table 2</a>.</span><p>
<div class="tablenoborder"><a name="admin_guide_000162__table1696932817285"></a><a name="table1696932817285"></a><table cellpadding="4" cellspacing="0" summary="" id="admin_guide_000162__table1696932817285" frame="border" border="1" rules="all"><caption><b>Table 2 </b>OLDAP parameters</caption><thead align="left"><tr id="admin_guide_000162__row1697112802816"><th align="left" class="cellrowborder" valign="top" width="17.95%" id="mcps1.3.3.8.1.2.1.2.3.1.1"><p id="admin_guide_000162__p209711286282"><strong id="admin_guide_000162__b179673301441">Parameter</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="82.05%" id="mcps1.3.3.8.1.2.1.2.3.1.2"><p id="admin_guide_000162__p1971182813281"><strong id="admin_guide_000162__b7490123318444">Description</strong></p>
</th>
</tr>
</thead>
<tbody><tr id="admin_guide_000162__row8918329172914"><td class="cellrowborder" valign="top" width="17.95%" headers="mcps1.3.3.8.1.2.1.2.3.1.1 "><p id="admin_guide_000162__p28143905">LDAP Listening Port</p>
</td>
<td class="cellrowborder" valign="top" width="82.05%" headers="mcps1.3.3.8.1.2.1.2.3.1.2 "><p id="admin_guide_000162__p65063845">Port number of the LDAP service.</p>
</td>
</tr>
<tr id="admin_guide_000162__row1741154210496"><td class="cellrowborder" valign="top" width="17.95%" headers="mcps1.3.3.8.1.2.1.2.3.1.1 "><p id="admin_guide_000162__p7113652134917">Reset LDAP Account Password</p>
</td>
<td class="cellrowborder" valign="top" width="82.05%" headers="mcps1.3.3.8.1.2.1.2.3.1.2 "><p id="admin_guide_000162__p581819292502">Machine-machine users (<strong id="admin_guide_000162__b8544130185320">cn=root,dc=hadoop,dc=com</strong> and <strong id="admin_guide_000162__b19786192205318">cn=pg_search_dn,ou=Users,dc=hadoop,dc=com</strong>) used by LDAP for data management, synchronization, and status check.</p>
<p id="admin_guide_000162__p8113205204911">If this parameter is selected, the passwords will be replaced by random passwords.</p>
<div class="note" id="admin_guide_000162__note10708115783"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="admin_guide_000162__p57098155814">This parameter is available only in MRS 3.1.2 or later.</p>
</div></div>
</td>
</tr>
</tbody>
</table>
</div>
</p></li><li id="admin_guide_000162__li69851028102817"><span>Click <strong id="admin_guide_000162__b1168920431445">OK</strong>.</span><p><p id="admin_guide_000162__p0985728202817">In the displayed dialog box, enter the password of the current login user and click <strong id="admin_guide_000162__b17509104623118">OK</strong>. In the displayed confirmation dialog box, click <strong id="admin_guide_000162__b15099466318">OK</strong>.</p>
<div class="note" id="admin_guide_000162__note862225202520"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="admin_guide_000162__p16623552142513">To reset the password of the LDAP account, you need to restart ACS. The procedure is as follows:</p>
<ol type="a" id="admin_guide_000162__ol13580133114265"><li id="admin_guide_000162__li195801831182620">Log in to the active management node as user <strong id="admin_guide_000162__b31158458743023">omm</strong> using PuTTY, and run the following command to update the domain configuration:<p id="admin_guide_000162__p19149124182613"><strong id="admin_guide_000162__b3149132415269">sh ${BIGDATA_HOME}/om-server/om/sbin/restart-RealmConfig.sh</strong></p>
<p id="admin_guide_000162__p15149122462612">The command is run successfully if the following information is displayed:</p>
<pre class="screen" id="admin_guide_000162__screen5149102422612">Modify realm successfully...</pre>
</li><li id="admin_guide_000162__li201665394261">Run the <strong id="admin_guide_000162__b11497247260">s</strong><strong id="admin_guide_000162__b1414918243263">h $CONTROLLER_HOME/sbin/acs_cmd.sh stop</strong> command to stop ACS.</li><li id="admin_guide_000162__li1616643902615">Run the <strong id="admin_guide_000162__b151490245265">sh $CONTROLLER_HOME/sbin/acs_cmd.sh start</strong> command to start ACS.</li></ol>
</div></div>
</p></li></ol>
<p id="admin_guide_000162__p366019422204"><strong id="admin_guide_000162__b17731543143313">Restarting the cluster</strong></p>
<ol start="8" id="admin_guide_000162__ol16326312122113"><li id="admin_guide_000162__li123265120218"><span>Log in to <span id="admin_guide_000162__text0443195565510">MRS</span> Manager and restart the cluster by referring to <a href="admin_guide_000012.html">Performing a Rolling Restart of a Cluster</a>.</span></li></ol>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="admin_guide_000159.html">OMS Management</a></div>
</div>
</div>
View Git Blame Copy Permalink