I think the problem is that we want people to run that target without ever actually configuring Kerberos. So depending on configure does not seem like a good solution.