Hi Rob,
The error Client 'host/xxx@XXX' not found in Kerberos
database" which I'm also having in my environment.
My IPA and AD realms use the same name however I'm not using DNS in my implementation
as well. The records of both the client and IPA-server are contained in the host file of
the servers thus all name resolution is done locally without the need for a DNS server.