I have set up a server with Fedora 33 and joined it to an Active Directory. This worked successfully and users can authenticate themselves with their Active Directory user names. I can also see my Linux computer in the Active Directory under "Computers".
Now I would like to mount a SMB share. However, I am unable to do so and I don't know why.
I log in to the server using my AD username and password, which works fine. I can also list my Kerberos tickets:
$ klist
Ticket cache: KCM:1089742435:31950
Default principal: username@DOMAIN
Valid starting       Expires              Service principal
02/10/2021 11:14:34  02/10/2021 21:14:34  krbtgt/DOMAIN@DOMAIN
        renew until 02/11/2021 11:14:34
So far, this looks good in my opinion. Then, I try to list the SMB shares:
$ smbclient -L //server/share -m SMB3 -k
However, this fails, even though I should have access with my Kerberos ticket. The error shown is:
gensec_spnego_client_negTokenInit_step: gse_krb5: creating NEG_TOKEN_INIT for cifs/nas-iap.unibe.ch failed (next[(null)]): NT_STATUS_INVALID_PARAMETER
session setup failed: NT_STATUS_INVALID_PARAMETER
I don't understand this error. If I try without the -k parameter, the username is correct and I can enter my AD password and see all shares:
$ smbclient -L //server/share -m SMB3
Enter username@DOMAIN's password:
        Sharename       Type      Comment
        ---------       ----      -------
(fancy list of all shares available)
SMB1 disabled -- no workgroup available
What is interesting, though, is that kinit -k fails for reasons I don't understand:
$ kinit -k
kinit: Client 'host/computername@DOMAIN' not found in Kerberos database while getting initial credentials
My first step should be to be able to mount the SMB shares. Later on I would like to add them to the fstab with the multiuser option.
Asked by T. Pluess
(626 rep)
Feb 10, 2021, 10:30 AM