SAS 9.4 M8 WIN 2022 server ACCESS/Hadoop
There is an article by the Guru Stuart Rogers RE. Hadoop Deployment - Kerberos and I am looking for some further clarifications:
1. For WIN environment, if separate MIT KDC setup is not an option, will WIN registry update still work "REG_DWORD key AllowTgtSessionKey registry key" ?
2. There is a script SAS provides (SAS TS) for Linux that could be placed in WorkspaceServer_usermods.sh where TGT is searched for the user that started the session, should that be done for SAS WIN based work space server too?
3. There is a requirement for Java Unlimited strength policy files, with SAS using Zulu (Azul) JRE, does anyone know the download URL or is it now packaged automatically with new SAS bundled JREs?
Thank you in advance,
S
Much thanks, I think at this stage I am attempting to set kerberos outbound only.
1. Asked for uncontrained trusted for delegation
2. Found this linek for unlimited JCE https://support.azul.com/hc/en-us/articles/115001122623-Java-Cryptography-Extension-JCE-for-Azul-Zul... looks like do not need to download and provide.
3. Will ask to review the URLs you shared re. WIN specific issues
Greg, I did run klist on sas server and received output, however, when I did that from klist in SAS private JRE location I received the "credentials cache C:\Users\my-id\krb5ccname_my-id not found I have not enabled desktop IWA yet nor did the jaas.config implemented, would that be the issue? I did have the AllowTgtSessionKey set.
I do appreciate these insights!
The SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment.
SAS technical trainer Erin Winters shows you how to explore assets, create new data discovery agents, schedule data discovery agents, and much more.
Find more tutorials on the SAS Users YouTube channel.