Howdy,
Ultimately I want to use NFS krb5i, and I've run into some trouble.
I wanted to ensure Kerberos was set up correctly on TrueNAS by using kadmin in the shell.
I did:
Code:
>kadmin -p user/admin
kadmin> get principals
and it just hangs after I put in the password.
I tried doing this with a bogus user, and it will immediately kick back saying the user doesn't exist after the password prompt.
Looking on my KDC's logs I see that truenas/kadmin aren't "completing"(?)
Code:
Sep 3 08:48:27 kdc krb5kdc[3821]: AS_REQ (5 etypes {18 17 16 5 23}) 192.168.1.76: NEEDED_PREAUTH: user/admin@realm for kadmin/admin@realm, Additional pre-authentication required
Sep 3 08:48:27 kdc krb5kdc[3821]: AS_REQ (5 etypes {18 17 16 5 23}) 192.168.1.76: ISSUE: authtime 1693730907, etypes {rep=18 tkt=18 ses=18}, user/admin@realm for kadmin/admin@realm
vs. what it looks like in Linux
Code:
Sep 3 08:52:40 kdc krb5kdc[3821]: AS_REQ (8 etypes {18 17 20 19 16 23 25 26}) 192.168.81.124: NEEDED_PREAUTH: user/admin@realm for kadmin/admin@realm, Additional pre-authentication required
Sep 3 08:52:45 kdc krb5kdc[3821]: AS_REQ (8 etypes {18 17 20 19 16 23 25 26}) 192.168.81.124: ISSUE: authtime 1693731165, etypes {rep=18 tkt=18 ses=18}, user/admin@realm for kadmin/admin@realm
Sep 3 08:52:45 kdc kadmind[3832]: Request: kadm5_init, user/admin@realm, success, client=user/admin@realm, service=kadmin/admin@realm, addr=192.168.81.124, vers=4, flavor=6
On the NFS front I see
Code:
nfsd: can't register svc name NLM: local NSM state is 0
in dmesg, but I figure I need to solve this kadmin thing first.
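One way to check the KDC side of the symptom described in the post, as an added example that is not part of the original post: it pairs each AS_REQ ISSUE for a kadmin/* service with a later kadmind kadm5_init from the same client and address, and lists the sessions where the ticket was issued but kadmind never logged the request. The function names are hypothetical, and the regexes assume the log layout quoted in the post, whose lines are reused as sample input.

```python
import re

# Sample input: the KDC log lines quoted in the post above.
SAMPLE_LOG = """\
Sep 3 08:48:27 kdc krb5kdc[3821]: AS_REQ (5 etypes {18 17 16 5 23}) 192.168.1.76: NEEDED_PREAUTH: user/admin@realm for kadmin/admin@realm, Additional pre-authentication required
Sep 3 08:48:27 kdc krb5kdc[3821]: AS_REQ (5 etypes {18 17 16 5 23}) 192.168.1.76: ISSUE: authtime 1693730907, etypes {rep=18 tkt=18 ses=18}, user/admin@realm for kadmin/admin@realm
Sep 3 08:52:40 kdc krb5kdc[3821]: AS_REQ (8 etypes {18 17 20 19 16 23 25 26}) 192.168.81.124: NEEDED_PREAUTH: user/admin@realm for kadmin/admin@realm, Additional pre-authentication required
Sep 3 08:52:45 kdc krb5kdc[3821]: AS_REQ (8 etypes {18 17 20 19 16 23 25 26}) 192.168.81.124: ISSUE: authtime 1693731165, etypes {rep=18 tkt=18 ses=18}, user/admin@realm for kadmin/admin@realm
Sep 3 08:52:45 kdc kadmind[3832]: Request: kadm5_init, user/admin@realm, success, client=user/admin@realm, service=kadmin/admin@realm, addr=192.168.81.124, vers=4, flavor=6
"""

# krb5kdc line: an initial ticket was issued for a kadmin/* service principal.
ISSUE_RE = re.compile(
    r"krb5kdc\[\d+\]: AS_REQ \(\d+ etypes \{(?P<etypes>[\d ]+)\}\) (?P<addr>[\d.]+): "
    r"ISSUE: .*?, (?P<client>\S+) for (?P<service>kadmin/\S+)$")
# kadmind line: the client actually reached kadmind and opened a session.
INIT_RE = re.compile(
    r"kadmind\[\d+\]: Request: kadm5_init, (?P<client>[^,]+), (?P<status>[^,]+), "
    r".*addr=(?P<addr>[\d.]+)")


def kadmin_sessions(log_text):
    """One record per (client, addr) that was issued a kadmin ticket."""
    sessions = {}
    for line in log_text.splitlines():
        m = ISSUE_RE.search(line)
        if m:
            sessions[(m["client"], m["addr"])] = {
                "client": m["client"],
                "addr": m["addr"],
                "offered_etypes": [int(e) for e in m["etypes"].split()],
                "kadm5_init": None,  # filled in if kadmind logs the request
            }
            continue
        m = INIT_RE.search(line)
        if m and (m["client"], m["addr"]) in sessions:
            sessions[(m["client"], m["addr"])]["kadm5_init"] = m["status"]
    return list(sessions.values())


def stalled_clients(log_text):
    """Addresses that got a kadmin ticket but never appeared in kadmind's log."""
    return [s["addr"] for s in kadmin_sessions(log_text) if s["kadm5_init"] is None]


if __name__ == "__main__":
    for s in kadmin_sessions(SAMPLE_LOG):
        print(s["addr"], s["offered_etypes"], "kadm5_init:", s["kadm5_init"])
    print("stalled:", stalled_clients(SAMPLE_LOG))
```

A client listed as stalled obtained its ticket from krb5kdc but produced no kadm5_init entry, which places the failure between the client and kadmind rather than in the password or principal lookup.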