If a request is securely accepted (e.g. otp), is there a method to synthetically grant a krb5.keytab / KRB5CCNAME w/ krbtgt to a user by kadmin.local? Could be a help for batch jobs or login purposes. Regards, Rainer Laatsch