A client name with an '@'

[Nordgren, Bryce L -FS]

> You could try the -C and -E options to kinit:
> 
> 	-C canonicalize
> 	-E client is enterprise principal name
> 
> — Luke

I could, but I'm not certain the MIT Kerberos KDC (to which kinit is connecting) knows how to canonicalize. Boy if I could get user principal mapping going, that would be sweet.

For the moment, I seem to be PKINITing successfully.

Bryce