The Hortonworks Community Connection is now live. A completely rebuilt Q&A forum, Knowledge Base, Code Hub and more, backed by the experts in the industry.

You will be redirected here in 10 seconds. If your are not redirected, click here to visit the new site.

The legacy Hortonworks Forum is now closed. You can view a read-only version of the former site by clicking here. The site will be taken offline on January 31,2016

Security Forum

Security in HDP for Windows

  • #47629
    Xiaomin Deng

    Hi, I’m playing with HDP for windows, and have 2 questions about security.
    1. Kerberos Authentication: How to configure the HDP to use windows Kerberos authentication? I saw all documents is about configure kereros in linux/CenterOS. But in windows AD, there is already one KDC in the domain controller, and we never manually generate the key tab files.
    2. The account for running Map Reduce job. Currently, what i saw is the process of MR job is running with the same account (hadoop) as the taskTracker service, but not the account of the job owner. If i write some malicious code in the MR job, the code can directly access local FS or HDFS in the security context of “hadoop” user. And “hadoop” user is actually the super account in hadoop system. This is big security issue. What we can do with this?

  • Author
  • #49123
    Vinay Shukla

    HDP for Windows doesn’t yet have the security parity with Linux. We plan to deliver it 1stHalf of 2014.

    Xiaomin Deng


    Thanks for your reply.
    For question #1, i have successfully set up the Kerberos auth on windows by manually configuring java Kerberos config and exporting the key tab files. Do you have plan to improve this?
    Will #2 be implemented by written windows version container launcher which can do impersonation for running the processes.

The forum ‘Security’ is closed to new topics and replies.

Support from the Experts

A HDP Support Subscription connects you experts with deep experience running Apache Hadoop in production, at-scale on the most demanding workloads.

Enterprise Support »

Become HDP Certified

Real world training designed by the core architects of Hadoop. Scenario-based training courses are available in-classroom or online from anywhere in the world

Training »

Hortonworks Data Platform
The Hortonworks Data Platform is a 100% open source distribution of Apache Hadoop that is truly enterprise grade having been built, tested and hardened with enterprise rigor.
Get started with Sandbox
Hortonworks Sandbox is a self-contained virtual machine with Apache Hadoop pre-configured alongside a set of hands-on, step-by-step Hadoop tutorials.
Modern Data Architecture
Tackle the challenges of big data. Hadoop integrates with existing EDW, RDBMS and MPP systems to deliver lower cost, higher capacity infrastructure.