/SetRealm DnsDomainName

Makes this computer a member of an RFC1510 Kerberos Realmp  

/MapUser Principal [Account]

Maps a Kerberos Principal ('*' = any principal) to an account ('*' = an account by same name); If account name is omitted, mapping is deleted for the specified principal.  

/AddKdc RealmName [KdcName]

Defines a Kerberos Domain Controller entry for the given realm. If KdcName omitted, DNS mapping may be used to locate Kerberos Domain Controllers.

/DelKdc RealmName [KdcName]

Deletes a Kerberos Domain Controller entry from the realm. If KdcName omitted, the realm entry itself is deleted.

/AddKpasswd Realmname KpasswdName

Add Kpasswd server address for a realm

/DelKpasswd Realmname KpasswdName

Delete Kpasswd server address for a realm

/Server Servername

Specifies name of a Windows machine to target the changes  

/SetComputerPassword Password

Sets the password for the computer's domain account or host principal  

/RemoveRealm RealmName

Deletes all information for this realm from the registry  

/Domain [DomainName]

Uses this domain (if DomainName is unspecified, detects domain)  

/ChangePassword OldPasswd NewPasswd

Use Kpasswd to change the logged-on user's password. Use '*' to be prompted for passwords.

/ListRealmFlags (no args)

Lists the available Realm flags that ksetup knows

/SetRealmFlags <realm> <flag> [flag] [flag] [...]

Sets RealmFlagsfor a specific realm

/AddRealmFlags realm flag [flag] [flag] [...]

Adds additional RealmFlags to a realm

/DelRealmFlags realm flag [flag] [flag] [...]

Deletes RealmFlags from a realm

/DumpState (no arguments)

Analyze the Kerberos configuration on the given machine