Kerberos is incompatible with MS Active Directory

[st33v]

I'm trying to use kerberos with an AD domain controller and I get this error:

[sarama] 2021/09/17 16:00:30 client/metadata got error from broker -1 while fetching metadata: [Root cause: KRBMessage_Handling_Error] KRBMessage_Handling_Error: AS Exchange Error: AS_REP is not valid or client password/keytab incorrect < KRBMessage_Handling_Error: KDC did not respond appropriately to FAST negotiation

Here is more information: https://github.com/jcmturner/gokrb5/blob/master/USAGE.md#active-directory-kdc-and-fast-negotiation

I believe it is necessary to add an additional flag to disable FAST negotiation like they did over at HashiCorp for Vault as described here: https://github.com/hashicorp/vault-plugin-auth-kerberos/pull/43

[danielqsj]

@st33v please have a try about the latest image docker pull danielqsj/kafka-exporter:latest which introduced the FAST switch by https://github.com/danielqsj/kafka_exporter/commit/e8cd9a95c65ee0a9e2ceaa0f43235ff705a02bdc