Index: trunk/server/common/oursrc/accountadm/signup-scripts-backend.in
===================================================================
--- trunk/server/common/oursrc/accountadm/signup-scripts-backend.in	(revision 2561)
+++ trunk/server/common/oursrc/accountadm/signup-scripts-backend.in	(revision 2575)
@@ -1,4 +1,5 @@
 #!/usr/bin/perl
 use strict;
+use File::Temp qw/ :POSIX /;
 
 # signup-scripts-backend
@@ -102,10 +103,19 @@
 }
 
+# Get credentials
+my $ccache = tmpnam();
+$ENV{'KRB5CCNAME'} = $ccache;
+my $exit_status = system("/usr/bin/kinit", "-k", "-t", "/etc/signup.keytab", "daemon/scripts-signup.mit.edu");
+if (($exit_status >> 8) != 0) {
+    die "Couldn't get Kerberos credentials for account creation!";
+}
 my $pid;
+my @ldap_servers = ('doppelganger', 'alter-ego', 'body-double');
+my $selected_server = $ldap_servers[int(rand(3))];
 defined ($pid = open LDAP, '|-') or complain("internal error");
 if (!$pid) {
 	close STDOUT;
 	open STDOUT, '>/dev/null';
-	exec '@ldapadd_path@', '-c', '-x', '-D', 'cn=Directory Manager', '-y', '/etc/signup-ldap-pw';
+	exec '@ldapadd_path@', '-c', '-Y', 'gssapi', '-H', "ldap://$selected_server.mit.edu";
 	exit 1;
 }
@@ -145,4 +155,6 @@
 #system('@sudo_path@', '-u', 'root', '/usr/sbin/setquota', $username, '0', '25000', '0', '10000', '-a');
 
+system("kdestroy");
+
 printexit("done", 0);