error Message is Server not found in Kerberos database

[photogamerun]

I have two machines

in 10.28.125.230 when I init presto-cli krb5 init is working /usr/java/jdk1.8.0_60/bin/java -Dsun.security.krb5.debug=true -jar presto-cli-0.190-executable.jar --server https://svr14375de630.hadoop.sh2.ctripcorp.com:7778 --enable-authentication --krb5-principal bidiy@DC.SH.CTRIPCORP.COM --krb5-keytab-path bidiy.keytab --krb5-remote-service-name hive --keystore-path keystore.jks --keystore-password presto --user bidiy --source presto-cli --catalog hive --schema default;

when I swith to 10.25.155.154 use all the same config files and run the same command /usr/java/jdk1.8.0_60/bin/java -Dsun.security.krb5.debug=true -jar presto-cli-0.190-executable.jar --server https://svr14375de630.hadoop.sh2.ctripcorp.com:7778 --enable-authentication --krb5-principal bidiy@DC.SH.CTRIPCORP.COM --krb5-keytab-path bidiy.keytab --krb5-remote-service-name hive --keystore-path keystore.jks --keystore-password presto --user bidiy --source presto-cli --catalog hive --schema default;

exception throws

KDCRep: init() encoding tag is 126 req type is 13 KRBError: cTime is Fri Jan 16 11:22:30 CST 2037 2115688950000 sTime is Tue Oct 16 18:35:30 CST 2018 1539686130000 suSec is 883059 error code is 7 error Message is Server not found in Kerberos database cname is bidiy@DC.SH.CTRIPCORP.COM sname is hive/10.28.89.107@DC.SH.CTRIPCORP.COM msgType is 30 KrbException: Server not found in Kerberos database (7) - LOOKING_UP_SERVER at sun.security.krb5.KrbTgsRep.(KrbTgsRep.java:73) at sun.security.krb5.KrbTgsReq.getReply(KrbTgsReq.java:259) at sun.security.krb5.KrbTgsReq.sendAndGetCreds(KrbTgsReq.java:270) at sun.security.krb5.internal.CredentialsUtil.serviceCreds(CredentialsUtil.java:302) at sun.security.krb5.internal.CredentialsUtil.acquireServiceCreds(CredentialsUtil.java:120) at sun.security.krb5.Credentials.acquireServiceCreds(Credentials.java:458) at sun.security.jgss.krb5.Krb5Context.initSecContext(Krb5Context.java:693) at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:248) at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:179) at sun.security.jgss.spnego.SpNegoContext.GSS_initSecContext(SpNegoContext.java:882) at sun.security.jgss.spnego.SpNegoContext.initSecContext(SpNegoContext.java:317) at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:248) at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:179) at com.facebook.presto.client.SpnegoHandler.generateToken(SpnegoHandler.java:165) at com.facebook.presto.client.SpnegoHandler.authenticate(SpnegoHandler.java:138) at com.facebook.presto.client.SpnegoHandler.intercept(SpnegoHandler.java:109) at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147) at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121) at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:200) at okhttp3.RealCall.execute(RealCall.java:77) at com.facebook.presto.client.JsonResponse.execute(JsonResponse.java:130) at com.facebook.presto.client.StatementClient.(StatementClient.java:128) at com.facebook.presto.cli.QueryRunner.startInternalQuery(QueryRunner.java:114) at com.facebook.presto.cli.QueryRunner.startInternalQuery(QueryRunner.java:105) at com.facebook.presto.cli.TableNameCompleter.queryMetadata(TableNameCompleter.java:73) at com.facebook.presto.cli.TableNameCompleter.listFunctions(TableNameCompleter.java:67) at com.google.common.cache.CacheLoader$FunctionToCacheLoader.load(CacheLoader.java:146) at com.google.common.cache.CacheLoader$1.load(CacheLoader.java:182) at com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3716) at com.google.common.cache.LocalCache$Segment.loadAsync(LocalCache.java:2433) at com.google.common.cache.LocalCache$Segment.refresh(LocalCache.java:2508) at com.google.common.cache.LocalCache.refresh(LocalCache.java:4307) at com.google.common.cache.LocalCache$LocalLoadingCache.refresh(LocalCache.java:5166) at com.facebook.presto.cli.TableNameCompleter.lambda$populateCache$0(TableNameCompleter.java:92) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: KrbException: Identifier doesn't match expected value (906) at sun.security.krb5.internal.KDCRep.init(KDCRep.java:140) at sun.security.krb5.internal.TGSRep.init(TGSRep.java:65) at sun.security.krb5.internal.TGSRep.(TGSRep.java:60) at sun.security.krb5.KrbTgsRep.(KrbTgsRep.java:55) ... 36 more

I telnet the kdc it works, telnet the presto server it works I am confused. need someone's help~

[photogamerun]

profile = /usr/local/var/krb5kdc/kdc.conf

[logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log

[libdefaults] default_realm = DC.SH.CTRIPCORP.COM ticket_lifetime = 7d renew_lifetime = 1d forwardable = true renewable = true permitted_enctypes = des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac des-cbc-crc des-cbc-md5 des-cbc-md4 default_tgs_enctypes = des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac des-cbc-crc des-cbc-md5 des-cbc-md4 default_tkt_enctypes = des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac des-cbc-crc des-cbc-md5 des-cbc-md4

[realms] DC.SH.CTRIPCORP.COM = { kdc = kdc.hadoop.ctripcorp.com:88 kdc = kdc-master.hadoop.ctripcorp.com master_kdc = kdc-master.hadoop.ctripcorp.com admin_server = kdc-master.hadoop.ctripcorp.com:749 default_domain = dc.sh.ctripcorp.com }

[domain_realm] .hadoop.sh2.ctripcorp.com = DC.SH.CTRIPCORP.COM hadoop.sh2.ctripcorp.com = DC.SH.CTRIPCORP.COM

[stale[bot]]

This issue has been automatically marked as stale because it has not had any activity in the last 2 years. If you feel that this issue is important, just comment and the stale tag will be removed; otherwise it will be closed in 7 days. This is an attempt to ensure that our open issues remain valuable and relevant so that we can keep track of what needs to be done and prioritize the right things.

[lokeshkh92]

Getting the exact same issue, in my case too telnet the kdc works, telnet the presto server also works. Can someone please suggest a possible solution ?