Solaris 10 kadmin client

[Ian Grant]

Dear Kerberos types

I am having trouble with Sun's Solaris 10 kadmin client. When run it
tries to authenticate to the service principal kadmin/kdc.example.com,
contrary to the man page's statement that it " ... authenticates  the
user to the Kerberos administration server, kadmind, whose service
principal is kadmin/admin." There is no mention in Sun's documentation
on how to set this to something different (my heimdal kadmind has
associated principal kadmin/admin.) Does anyone have an explanation
for this behaviour? Here's my /etc/krb5/krb5.conf on the Solaris 10
box:

[libdefaults]
        default_realm = EXAMPLE.COM

[realms]
        EXAMPLE.COM = {
           kdc = kdc.example.com
           admin_server = kdc.example.com
        }

[domain_realm]

[logging]
        default = FILE:/var/krb5/kdc.log
        kdc = FILE:/var/krb5/kdc.log
        kdc_rotate = {
          period = 1d
          version = 10
        }
[appdefaults]
        kinit = {
          renewable = true
          forwardable= true
        }

The exact error I get is:

bash-3.00# kadmin
Authenticating as principal someguy/admin at EXAMPLE.COM with
password.
kadmin: Database error! Required KADM5 principal missing while
initializing kadmin interface
bash-3.00# 

But in the logs on the kdc I see

2005-03-01T11:52:15 AS-REQ someguy/admin at EXAMPLE.COM from IPv4:10.0.0.3
for kadmin/kdc.example.com at EXAMPLE.COM
2005-03-01T11:52:15 UNKNOWN -- kadmin/kdc.example.com at EXAMPLE.COM: No
such entry in the database