Initial Kerberized Impala Troubleshooting Steps
After configuring Zoomdata to connect to a kerberized Impala data source per Connecting to a Kerberized CDH Cluster , Zoomdata may still fail to connect when the user attempts to create a new Impala data source to this kerberized CDH cluster. In these situations, we recommend you to check the following first before opening a support ticket for further assistance:
Verify that the time is synchronized between the kerberos and Zoomdata servers. Kerberos is very sensitive to time differences that exist. If possible, consider configuring a Network Time Protocol (e.g. ntpd) to synchronize the time on your servers.
Double-check the configuration parameters, JDBC URL, and that the correct user is specified in the
zoomdata.jvmfile for Kerberos. For example, an unintended space when copying parameters can cause the connection to fail.
Check if you are using AES-256 encryption level in your Active Directory. For more information on how to do this in Active Directory, refer to Microsoft documentation. By default, Java doesn't support AES-256 encryption. In case your environment is using AES-256 encryption, make sure to do the following whenever you install Zoomdata on a new server or you are upgrading Zoomdata to a new major version:
Download the archive
jce/US_export_policy.jarfiles from the archive to the
/opt/zoomdata/jre/lib/security/directory. Overwrite the files already present in the directory.
Was this topic helpful?