Description of problem:
Kerberos client now requires allow_weak_crypto option in libdefaults section for connections that authenticate with server using weak cryptography. If this option is not present, the authentication fails. This should be documented as it can cause confusion when migrating clients to RHEL6.
allow_weak_crypto = yes
Thanks, have added this to the Migration Guide. It will appear on the next publish.