HELP cleanup Kerberos on 10.4.11 server
I have an Xserve running as an Open Directory Master and a PDC. This is working fine, but it has never been Kerberized. When I try to do it from the GUI, it keeps prompting for a password and never does anything.
I followed some guides on doing it all from the command line, and I am close, but I still get a few errors.
Can someone help me with instructions on which files to delete so I can have a fresh start?
The DNS forward and reverse lookups all return the correct domain: xserve4.winterset.k12.ia.us
The sharing name is xserve4.local
Here are the commands I tried:
[b]kerberosautoconfig -r XSERVE4.WINTERSET.K12.IA.US -m xserve4.winterset.k12.ia.us[/b]
[b]RESULTS:[/b]
xserve4:/usr/sbin root# kdcsetup -f /LDAPv3/127.0.0.1 -w -a DIRADMIN -p ****** XSERVE4.WINTERSET.K12.IA.US
create: The database '/var/db/krb5kdc/principal' appears to already exist
SendInteractiveCommand: failed to get pattern
WARNING: no policy specified for DIRADMIN@XSERVE4.WINTERSET.K12.IA.US; defaulting to no policy
add_principal: Principal or policy already exists while creating "DIRADMIN@XSERVE4.WINTERSET.K12.IA.US".
edu.mit.kadmind: Already loaded
com.apple.kdcmond: Already loaded
[b]kdcsetup -f /LDAPv3/127.0.0.1 -w -a DIRADMIN -p ****** XSERVE4.WINTERSET.K12.IA.US[/b]
[b]RESULTS:[/b]
kdb5_util: File exists while creating/opening admin policy database.
WARNING: no policy specified for DIRADMIN@XSERVE4.WINTERSET.K12.IA.US; defaulting to no policy
kadmin.local: Principal kadmin/admin@XSERVE4.WINTERSET.K12.IA.US does not exist.
kadmin.local: Principal kadmin/changepw@XSERVE4.WINTERSET.K12.IA.US does not exist.
edu.mit.kadmind: Already loaded
com.apple.kdcmond: Already loaded
xserve4:/var/db/krb5kdc root# Workaround Bonjour: Unknown error: 0
Workaround Bonjour: Unknown error: 0
[b]slapconfig -kerberize DIRADMIN XSERVE4.WINTERSET.K12.IA.US[/b]
[b]RESULTS:[/b]
DIRADMIN's Password: (I type it in)
Removed directory at path /var/db/krb5kdc.
command: /sbin/kerberosautoconfig -r XSERVE4.WINTERSET.K12.IA.US -m xserve4.winterset.k12.ia.us -u -v 1
command: /usr/sbin/kdcsetup -f /LDAPv3/127.0.0.1 -w -a DIRADMIN -p **** -v 1 XSERVE4.WINTERSET.K12.IA.US
kdcsetup command output:
Contacting the Directory Server
Authenticating to the Directory Server
Creating Kerberos directory
Creating KDC Config File
Creating Admin ACL File
Creating Kerberos Master Key
Creating Kerberos Database
Creating Kerberos Admin user
Adding kerberos auth authority to admin user
Creating keytab for the admin tools
Adding KDC & kadmind to launchd
Adding the new KDC into the KerberosClient config record
AddKDCToConfig: KDC is already present in record
Finished
command: /usr/sbin/sso_util configure -r XSERVE4.WINTERSET.K12.IA.US -f /LDAPv3/127.0.0.1 -a DIRADMIN -p **** -v 1 all
sso_util command output:
Contacting the directory server
Creating the service list
Creating the service principals
sso_util command failed with status 2
command: /usr/sbin/sso_util configure -r XSERVE4.WINTERSET.K12.IA.US -f /LDAPv3/127.0.0.1 -a DIRADMIN -p **** -v 1 ldap
sso_util command output:
Contacting the directory server
Creating the service list
Creating the service principals
sso_util command failed with status 2
command: /usr/sbin/mkpassdb -kerberize (it sits here forever; I have to press Control-C)
[b]sso_util configure -r XSERVE4.WINTERSET.K12.IA.US -a DIRADMIN -p ****** all[/b]
[b]RESULTS:[/b]
Contacting the directory server
Creating the service list
Creating the service principals
SendInteractiveCommand: failed to get pattern
I had to manually start the KDC service before doing all of this, as it never runs automatically. We cannot reinstall the server, as we are in the middle of the school year and have 1,700 accounts and many XP systems joined to the domain, and we need Kerberos to work for our Leopard clients. They TAKE FOREVER to log in to the Tiger server, and I was told it was because Kerberos is not working.
We also want to use Spiceworks with authenticated users for the Help Desk, but it will not work until Kerberos is working. Spiceworks setup for the AD account fails without it.
Please help. :)
Lannie
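An added example, not part of Lannie's post: a small POSIX shell script that stages the "fresh start" the post asks about. The post's own output shows which state blocks a re-run: kdcsetup refuses because /var/db/krb5kdc/principal "appears to already exist", and the two launchd jobs edu.mit.kadmind and com.apple.kdcmond are already loaded. The other paths the script handles (/Library/Preferences/edu.mit.Kerberos for the client realm config, /etc/krb5.keytab for the service keytab, and the plist locations under /System/Library/LaunchDaemons) are assumptions about how 10.4 Server lays out Kerberos state, not something the post states. The hostname is the post's xserve4.winterset.k12.ia.us. The script checks that forward and reverse DNS agree, unloads the KDC daemons, archives the old KDC state with restrictive permissions, and deletes it so kdcsetup creates a new master key, database and admin ACL instead of failing on the existing ones.

```shell
#!/bin/sh
# Added example (not from the original post). ROOT defaults to the live
# filesystem; pass a scratch directory to rehearse the steps safely.
#
# Assumed Tiger Server state locations (only /var/db/krb5kdc and the two
# launchd labels appear in the post itself):
#   var/db/krb5kdc                        KDC database, master-key stash, kdc.conf, kadm5.acl
#   Library/Preferences/edu.mit.Kerberos  client realm/KDC configuration
#   etc/krb5.keytab                       service keytab written by sso_util
KDC_STATE="var/db/krb5kdc Library/Preferences/edu.mit.Kerberos etc/krb5.keytab"
KDC_LABELS="edu.mit.kadmind com.apple.kdcmond"

# Forward and reverse DNS must agree before kdcsetup writes any principal names.
# Usage: dns_consistent xserve4.winterset.k12.ia.us
dns_consistent() {
  fqdn=$1
  ip=$(host "$fqdn" | awk '/has address/ {print $4; exit}')
  [ -n "$ip" ] || { echo "no A record for $fqdn" >&2; return 1; }
  ptr=$(host "$ip" | awk '/domain name pointer/ {print $5; exit}' | sed 's/\.$//')
  [ "$ptr" = "$fqdn" ] || { echo "PTR for $ip is '$ptr', expected $fqdn" >&2; return 1; }
}

# Stop kadmind and the KDC so the database is not open while it is removed.
# Plist paths are an assumption about 10.4 Server.
stop_kdc() {
  for label in $KDC_LABELS; do
    launchctl unload -w "/System/Library/LaunchDaemons/$label.plist" 2>/dev/null || true
  done
}

# Archive the existing KDC state, then delete it so kdcsetup starts clean.
# The archive holds the master key and every principal's long-term key:
# it is created mode 0600 and should be destroyed once the new realm works.
# Usage: kdc_reset [ROOT]   -> prints the archive path, fails if nothing existed
kdc_reset() {
  root=${1:-}
  stamp=$(date +%Y%m%d-%H%M%S)
  archive="$root/var/backups/kdc-state-$stamp.tar"
  mkdir -p "$root/var/backups"
  set --                                   # collect only the items that exist
  for p in $KDC_STATE; do
    if [ -e "$root/$p" ]; then set -- "$@" "$p"; fi
  done
  [ $# -gt 0 ] || { echo "nothing to back up under ${root:-/}" >&2; return 1; }
  (umask 077; tar -cf "$archive" -C "${root:-/}" "$@")
  chmod 600 "$archive"
  for p in $KDC_STATE; do
    rm -rf "$root/$p"
  done
  echo "$archive"
}
```

On the server the order would be `dns_consistent xserve4.winterset.k12.ia.us && stop_kdc && kdc_reset`, followed by the same `slapconfig -kerberize` command the post already shows. The script only touches local KDC files; it does not alter anything stored in the LDAP directory (the KerberosClient record or the admin user's authentication authority), which is why the post's "KDC is already present in record" line is expected on a re-run.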