Mac OS X Server 10.5.5: Enabling Kerberos Authentication for PPTP VPN Service

First, make sure that your server is properly configured as a member of a Kerberos realm.

Next, execute the following command in a Terminal window:

sudo serveradmin settings vpn:Servers:com.apple.ppp.pptp:EAP:KerberosServicePrincipalName = "vpn/host.domain.com@REALM.COM"

Important: This command must be entered on one line. Replace "host.domain.com" with the fully qualified host name of the server, and "REALM.COM" with the name of the Kerberos realm.

You can now choose Kerberos authentication for the PPTP service in Server Admin.