Add kpasswd_server to the Kerberos configuration
According to [the KdcProxy
docs](https://github.com/latchset/kdcproxy#configuring-a-client-for-kdcproxy),
the configuration should have a `kpasswd_server` entry. It will enable
the necessary password change flow for users with an expired password,
and prevent issues such as
[noggin #895](https://github.com/fedora-infra/noggin/issues/895).
Without this value:
```
$ kinit -T FILE:/tmp/armor.ccache abompard@STG.FEDORAPROJECT.ORG
Enter OTP Token Value: [password+OTP]
Password expired. You must change it now.
Enter new password: [new password]
Enter it again: [new password]
kinit: Cannot find KDC for realm "STG.FEDORAPROJECT.ORG" while getting initial credentials
```
With this value:
```
$ kinit -T FILE:$HOME/armor.ccache abompard@STG.FEDORAPROJECT.ORG
Enter OTP Token Value: [password+OTP]
Password expired. You must change it now.
Enter new password: [new password]
Enter it again: [new password]
Enter OTP Token Value: [password+OTP]
```
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>