Create rangertagsync/<FQDN>@<REALM>:

> kadmin.local
>addprinc -randkey rangertagsync/<FQDN_of_Ranger_tagsync>
> xst -k /etc/security/keytabs/rangertagsync.keytab rangertagsync/<FQDN>@<REALM>
> exit

Verify that rangertagsync created principal:

> kinit -kt /etc/security/keytabs/rangertagsync.keytab rangertagsync/<FQDN_of_Ranger_tagsync>@<REALM>

After using the kinit command, there should not be any errors. You can use the klist command to verify that your kinit command was successful.

Use the kdestroy command to destroy your active Kerberos authorization tickets by overwriting and deleting the credentials cache that contains them:

kdestroy

Change the keytab permission to read-only and assign it to user ranger.