diff --git a/lib/gssapi/accept_sec_context.c b/lib/gssapi/accept_sec_context.c index 2a4145b50..d5d97b5f6 100644 --- a/lib/gssapi/accept_sec_context.c +++ b/lib/gssapi/accept_sec_context.c @@ -35,20 +35,20 @@ RCSID("$Id$"); -static krb5_keytab gss_keytab; +krb5_keytab gssapi_krb5_keytab; OM_uint32 gsskrb5_register_acceptor_identity (char *identity) { char *p; - if(gss_keytab != NULL) { - krb5_kt_close(gssapi_krb5_context, gss_keytab); - gss_keytab = NULL; + if(gssapi_krb5_keytab != NULL) { + krb5_kt_close(gssapi_krb5_context, gssapi_krb5_keytab); + gssapi_krb5_keytab = NULL; } asprintf(&p, "FILE:%s", identity); if(p == NULL) return GSS_S_FAILURE; - krb5_kt_resolve(gssapi_krb5_context, p, &gss_keytab); + krb5_kt_resolve(gssapi_krb5_context, p, &gssapi_krb5_keytab); free(p); return GSS_S_COMPLETE; } @@ -199,8 +199,8 @@ gss_accept_sec_context } if (acceptor_cred_handle == GSS_C_NO_CREDENTIAL) { - if (gss_keytab != NULL) { - keytab = gss_keytab; + if (gssapi_krb5_keytab != NULL) { + keytab = gssapi_krb5_keytab; } } else if (acceptor_cred_handle->keytab != NULL) { keytab = acceptor_cred_handle->keytab; diff --git a/lib/gssapi/acquire_cred.c b/lib/gssapi/acquire_cred.c index f55891db5..86ebec8a8 100644 --- a/lib/gssapi/acquire_cred.c +++ b/lib/gssapi/acquire_cred.c @@ -85,9 +85,23 @@ OM_uint32 gss_acquire_cred krb5_get_init_creds_opt opt; try_keytab: - kret = krb5_kt_default(gssapi_krb5_context, &handle->keytab); - if (kret != 0) - goto krb5_bad; + if (gssapi_krb5_keytab != NULL) { + char kt_name[256]; + + kret = krb5_kt_get_name(gssapi_krb5_context, + gssapi_krb5_keytab, + kt_name, sizeof(kt_name)); + if (kret) + goto krb5_bad; + kret = krb5_kt_resolve(gssapi_krb5_context, kt_name, + &handle->keytab); + if (kret) + goto krb5_bad; + } else { + kret = krb5_kt_default(gssapi_krb5_context, &handle->keytab); + if (kret != 0) + goto krb5_bad; + } krb5_get_init_creds_opt_init(&opt); memset(&cred, 0, sizeof(cred)); 
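Review bot: In `gsskrb5_register_acceptor_identity` the renamed `krb5_kt_resolve(gssapi_krb5_context, p, &gssapi_krb5_keytab);` line still discards its return value, so the function reports `GSS_S_COMPLETE` even when the keytab could not be resolved. Now that the variable is a non-static global that `gss_acquire_cred` also reads, a failed registration leaves both paths either on the default keytab or on whatever the failed call left in the pointer, and the application gets no error to act on. I would add a `krb5_error_code kret;` local and change the tail to `kret = krb5_kt_resolve(gssapi_krb5_context, p, &gssapi_krb5_keytab);` `free(p);` `if (kret) { gssapi_krb5_keytab = NULL; return GSS_S_FAILURE; }`. The global is also closed and reassigned here without any visible locking, so a comment stating that registration must happen before any other thread calls into the acceptor or `gss_acquire_cred` would help. The identical hunk in `lib/gssapi/krb5/accept_sec_context.c` needs the same change.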
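Review bot: The fixed `char kt_name[256];` in the new `try_keytab` branch is the weak spot, because a registered keytab path longer than the buffer is either rejected or cut short, and this hunk does not show whether `krb5_kt_get_name` reports truncation as an error. If it truncates silently, the following `krb5_kt_resolve` would open a different file than the one the application registered, so the service keys could come from an unintended path. The round trip also assumes the string returned by `krb5_kt_get_name` is in the form `krb5_kt_resolve` expects (type prefix included or safely defaulted), which should be confirmed against the keytab backend. At minimum I would add a comment such as `/* re-resolve by name so handle->keytab is a separate handle from the global; assumes the name fits and round-trips */`, and size the buffer from the platform path limit instead of 256. The same code appears in the `lib/gssapi/krb5/acquire_cred.c` hunk, and `gss_acquire_cred` starts and ends outside both hunks.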
diff --git a/lib/gssapi/gssapi_locl.h b/lib/gssapi/gssapi_locl.h index 2e2948c3d..c4e76c432 100644 --- a/lib/gssapi/gssapi_locl.h +++ b/lib/gssapi/gssapi_locl.h @@ -46,6 +46,8 @@ extern krb5_context gssapi_krb5_context; +extern krb5_keytab gssapi_krb5_keytab; + void gssapi_krb5_init (void); krb5_error_code diff --git a/lib/gssapi/krb5/accept_sec_context.c b/lib/gssapi/krb5/accept_sec_context.c index 2a4145b50..d5d97b5f6 100644 --- a/lib/gssapi/krb5/accept_sec_context.c +++ b/lib/gssapi/krb5/accept_sec_context.c @@ -35,20 +35,20 @@ RCSID("$Id$"); -static krb5_keytab gss_keytab; +krb5_keytab gssapi_krb5_keytab; OM_uint32 gsskrb5_register_acceptor_identity (char *identity) { char *p; - if(gss_keytab != NULL) { - krb5_kt_close(gssapi_krb5_context, gss_keytab); - gss_keytab = NULL; + if(gssapi_krb5_keytab != NULL) { + krb5_kt_close(gssapi_krb5_context, gssapi_krb5_keytab); + gssapi_krb5_keytab = NULL; } asprintf(&p, "FILE:%s", identity); if(p == NULL) return GSS_S_FAILURE; - krb5_kt_resolve(gssapi_krb5_context, p, &gss_keytab); + krb5_kt_resolve(gssapi_krb5_context, p, &gssapi_krb5_keytab); free(p); return GSS_S_COMPLETE; } @@ -199,8 +199,8 @@ gss_accept_sec_context } if (acceptor_cred_handle == GSS_C_NO_CREDENTIAL) { - if (gss_keytab != NULL) { - keytab = gss_keytab; + if (gssapi_krb5_keytab != NULL) { + keytab = gssapi_krb5_keytab; } } else if (acceptor_cred_handle->keytab != NULL) { keytab = acceptor_cred_handle->keytab; diff --git a/lib/gssapi/krb5/acquire_cred.c b/lib/gssapi/krb5/acquire_cred.c index f55891db5..86ebec8a8 100644 --- a/lib/gssapi/krb5/acquire_cred.c +++ b/lib/gssapi/krb5/acquire_cred.c 
@@ -85,9 +85,23 @@ OM_uint32 gss_acquire_cred krb5_get_init_creds_opt opt; try_keytab: - kret = krb5_kt_default(gssapi_krb5_context, &handle->keytab); - if (kret != 0) - goto krb5_bad; + if (gssapi_krb5_keytab != NULL) { + char kt_name[256]; + + kret = krb5_kt_get_name(gssapi_krb5_context, + gssapi_krb5_keytab, + kt_name, sizeof(kt_name)); + if (kret) + goto krb5_bad; + kret = krb5_kt_resolve(gssapi_krb5_context, kt_name, + &handle->keytab); + if (kret) + goto krb5_bad; + } else { + kret = krb5_kt_default(gssapi_krb5_context, &handle->keytab); + if (kret != 0) + goto krb5_bad; + } krb5_get_init_creds_opt_init(&opt); memset(&cred, 0, sizeof(cred)); diff --git a/lib/gssapi/krb5/gssapi_locl.h b/lib/gssapi/krb5/gssapi_locl.h index 2e2948c3d..c4e76c432 100644 --- a/lib/gssapi/krb5/gssapi_locl.h +++ b/lib/gssapi/krb5/gssapi_locl.h @@ -46,6 +46,8 @@ extern krb5_context gssapi_krb5_context; +extern krb5_keytab gssapi_krb5_keytab; + void gssapi_krb5_init (void); krb5_error_code