You probably know how it works if you want to get a windows machine talk to a Windows Active Directory. You just select the AD domain and then you join the domain by typing the Administrators password. One thing what is happening there is that a principal with admin privileges (the Administrator) adds a host principal for the host to the database and generates a local copy of the key in the local keytab file. How can this done easily? You just run kadmin on the "joining host" and conduct these actions. To make this work,, you first have to kerberize kadmin. Just add a principal kadmin/kerberos.redflo.de:
kadmin.local: add_principal -randkey kadmin/kerberos.redflo.de WARNING: no policy specified for kadmin/kerberos.redflo.de@REDFLO.DE; defaulting to no policy Principal "kadmin/kerberos.redflo.de@REDFLO.DE" created.
todo: finish this chapter!!!