Kerberos-only Active Directory environment

Has anyone been using Mac OS X clients and applications in a Kerberos-only Active Directory environment, where other types of password authentication (including NTLMv2) have been disabled? What are your experiences, regarding what works and doesn't work? TIA.