Troubleshoot OpsCenter Kerberos connections with debug options.
Troubleshoot OpsCenter Kerberos connections with debug options.
cluster_name.conf
The location of the cluster_name.conf file depends on the type of installation:
- Package installations:
/etc/opscenter/clusters/cluster_name.conf
- Tarball installations:
install_location/conf/clusters/cluster_name.conf
Procedure
-
Open the cluster-specific configuration file,
for editing. Replace
cluster_name with the name of your cluster.
-
Add the following to the
[kerberos]
section to output debug
messages during Kerberos connections attempts from OpsCenter:
The debug option outputs the contents of the server section from the
jaas-krb5.conf file, informing you of the settings in
use that you can verify against your configuration settings.
-
Restart OpsCenter.
-
If deeper debugging is necessary, add
-Dsun.security.krb5.debug=true
to
$OPSC_JVM_OPTS
. The JVM parameter outputs verbose
information about reasons why Kerberos connections attempts are failing, such as
not authenticating due to key expiration, or no keys present in keytab, or
cannot find keytab, for example.