$ setup kcroninit $ kcroninitYou will need to enter your kerberos principal and password, so you MUST BE ON A SECURE CHANNEL. This will create the new principal "user/cron/host.domain@REALM" for the current host, and will write the corresponding keytab file.
0 2 * * 0,4 /usr/krb5/bin/kcron /home/files/myjob -akwhere the command "/home/files/myjob -ak" is authenticated as "user/cron/host.domain@REALM". If authentication is needed only for access to the user's AFS files, this is sufficient.
$ setup kcroninit $ kcrondestroy