Why use krb5_set_real_time() instead of NTP ?

[Luke Howard]

>Yes, it is dealing with an unsynchronised clock between itself and the
>KDC.  Yes, the admin should have the clocks in sync.  Windows AD
>networks run something almost but not entirely like NTP automatically to
>avoid this problem.  

Windows clients use SNTP, the key id is the machine account's RID and
authenticator is the MD5 digest of the NT OWF and the NTP packet.

-- Luke

--