NFS v4 and KDC in Active Directory
One more day spent to use the internal KDC from AD with NFS v4, without success.
It seems that the "net" command from samba 3.0.22 add a SPN in uppercase, I fixed that but it isn't suffisant to be able to use the SPN.
More generally, is seems that adding some SPN in AD isn't successful, even for CIFS:
for i in $(klist -k -e |cut -f5 -d' ') ; do kinit -k $i 2>/dev/null || echo $i BAD; done
for i in $(klist -k -e |cut -f5 -d' ') ; do kinit -k $i 2>/dev/null && echo $i OK; done
gives that only
HOST/hostname_nonfqdn@REALM is working...
enctype is my nightmare.