Fully managed cloud. 30-day FREE full featured trial. Start Now
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Virtual schema - Kerberos connection to Impala

gcekol
SQL-Fighter

‎23-11-2020 8:51 AM - last edited on ‎16-11-2021 7:41 PM by

Dear all,

I'm trying establish a connection from Exasol to Impala that is Kerberos secured.

This is what I've found on Github:

python tools/create_kerberos_conn.py krb_conn krbuser@EXAMPLE.COM /etc/krb5.conf ./krbuser.keytab \
'jdbc:impala://<Impala host>:<port>;AuthMech=1;KrbRealm=EXAMPLE.COM;KrbHostFQDN=host.example.com;KrbServiceName=impala'

I've done this already while I was connecting Cognos to Impala, so I have all the files.

What I am not sure is where do I need to store the krb5.conf and *.keytab file? On local machine or do I need to upload it to Exasol server.

I'm not much of UNIX/Linux person, so if those files need to be on Exasol server, can you tell me how to do it?

 

Thank you in advance!

 

Goran 

Labels:
6 REPLIES 6

exa-Nico
Community Manager
Community Manager

‎23-11-2020 12:08 PM

Hi Goran, 

You don't need to store the conf or keytab file in the Exasol server. You need to run the python script on your local machine (or any machine) and within your execution put the path to the conf and keytab file there.

The script will generate a CREATE CONNECTION command which you just need to copy to the database.

Sports Enthusiast. Database Guy. Member of Team Exasol.
Having trouble? Just let me know!

Please Give Kudos if you find this post useful and also mark this as Accepted Solution if this is the required solution
0 Kudos

gcekol
SQL-Fighter

‎23-11-2020 1:05 PM - edited ‎23-11-2020 1:18 PM

Thank you for your answer!

I need to install Python locally, run the script and hopefully everything will be fine.

0 Kudos

exa-Nico
Community Manager
Community Manager

‎23-11-2020 2:21 PM

Fingers crossed that everything's fine 😉

Sports Enthusiast. Database Guy. Member of Team Exasol.
Having trouble? Just let me know!

Please Give Kudos if you find this post useful and also mark this as Accepted Solution if this is the required solution

gcekol
SQL-Fighter

‎24-11-2020 2:49 PM - edited ‎24-11-2020 2:52 PM

Well, it doesn't work yet and I still need a little bit of help.

I've installed Python and I was able to run the create_kerberos_conn.py

Syntax:

python folder> create_kerberos_conn_py -r -o out.txt IMPALA_CONNECTION bddwh@BDSIM.SIT.PBZ.HR krb5.conf krb5.keytab

Result was out.exe file (see in attachment)

 

After that I run on DBVisualizer following code:

 

CREATE OR REPLACE CONNECTION IMPALA_CONNECTION TO 'jdbc:impala://<server_name>:<port>;AuthMech=1;KrbRealm=BDSIM.SIT.PBZ.HR; KrbHostFQDN=<servername@BDSIM.SIT.PBZ.HR>; KrbService Name = 'impala';

USER bddwh@BDSIM.SIT.PBZ.HR IDENTIFIED BY 'large string from out.txt file'

 

I have tried with FQDN and with IP adress for server name.

The error message is also in attachment.

 

Thank you in advance!

Goran

 

error.txt
7 KB
out.txt
4 KB
0 Kudos

gcekol
SQL-Fighter

‎24-11-2020 3:13 PM

I will try to see if there is somekind of firewall problem.

0 Kudos

gcekol
SQL-Fighter

‎25-11-2020 10:55 AM

Firewall is not an issue.

 

0 Kudos

New to the Exasol Community?

Then it's time to become part of a unique family! Discover helpful tips and support other Community members with your knowledge.