diff --git a/library/adenroll.c b/library/adenroll.c
index 44383cc..05bb085 100644
--- a/library/adenroll.c
+++ b/library/adenroll.c
@@ -2276,9 +2276,10 @@ adcli_enroll_add_description_for_service_account (adcli_enroll *enroll)
 	return ADCLI_SUCCESS;
 }
 
-static adcli_result
+adcli_result
 adcli_enroll_add_keytab_for_service_account (adcli_enroll *enroll)
 {
+	adcli_result res;
 	krb5_context k5;
 	krb5_error_code code;
 	char def_keytab_name[MAX_KEYTAB_NAME_LEN];
@@ -2286,11 +2287,14 @@ adcli_enroll_add_keytab_for_service_account (adcli_enroll *enroll)
 	int ret;
 
 	if (adcli_enroll_get_keytab_name (enroll) == NULL) {
-		k5 = adcli_conn_get_krb5_context (enroll->conn);
-		return_unexpected_if_fail (k5 != NULL);
+		res = _adcli_krb5_init_context (&k5);
+		if (res != ADCLI_SUCCESS) {
+			return res;
+		}
 
 		code = krb5_kt_default_name (k5, def_keytab_name,
 		                             sizeof (def_keytab_name));
+		krb5_free_context (k5);
 		return_unexpected_if_fail (code == 0);
 
 		lc_dom_name = strdup (adcli_conn_get_domain_name (enroll->conn));
@@ -2326,9 +2330,6 @@ adcli_enroll_join (adcli_enroll *enroll,
 
 	if (enroll->is_service) {
 		res = adcli_enroll_add_description_for_service_account (enroll);
-		if (res == ADCLI_SUCCESS) {
-			res = adcli_enroll_add_keytab_for_service_account (enroll);
-		}
 	} else {
 		res = ensure_default_service_names (enroll);
 	}
diff --git a/library/adenroll.h b/library/adenroll.h
index 7765ed4..11a30c8 100644
--- a/library/adenroll.h
+++ b/library/adenroll.h
@@ -146,6 +146,8 @@ const char *       adcli_enroll_get_keytab_name         (adcli_enroll *enroll);
 void               adcli_enroll_set_keytab_name         (adcli_enroll *enroll,
                                                          const char *value);
 
+adcli_result       adcli_enroll_add_keytab_for_service_account (adcli_enroll *enroll);
+
 krb5_enctype *     adcli_enroll_get_keytab_enctypes     (adcli_enroll *enroll);
 
 void               adcli_enroll_set_keytab_enctypes     (adcli_enroll *enroll,
diff --git a/tools/computer.c b/tools/computer.c
index 12add05..81fcf67 100644
--- a/tools/computer.c
+++ b/tools/computer.c
@@ -1166,6 +1166,12 @@ adcli_tool_computer_managed_service_account (adcli_conn *conn,
 
 	adcli_enroll_set_is_service (enroll, true);
 	adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT);
+	res = adcli_enroll_add_keytab_for_service_account (enroll);
+	if (res != ADCLI_SUCCESS) {
+		warnx ("Failed to set domain specific keytab name");
+		adcli_enroll_unref (enroll);
+		return 2;
+	}
 
 	res = adcli_enroll_load (enroll);
 	if (res != ADCLI_SUCCESS) {