check_kadmin is a plugin for monitoring the kadmin daemon.
It uses an admin user with minimal privileges and a keytab to connect to the kadmin daemon to check if the daemon is accepting connections and authenticating users.


./ [-h] | [-p port] [-w warn time] [-c critical time] -u admin_princ -k keytab -r realm


Flag Description
-h, --help Print this help message
-p, --port Specify a port to use (default is kadmin)
-w, --warning Return a warning if plugin takes greater than -w seconds
-c, --critical Exit critical if plugin reaches -c seconds
-u, --user Specifies the kadmin admin account to login with
-k, --keytab Specifies the keytab file containing the key
-r, --realm Specifies the realm


You should create an admin prinicple for this plugin and use an ACL to give it minimal privilages. It only has to be abel to connect to the kadmin daemon. You will need to configure your krb5.conf file for each realm you wish to test.