diff --git a/testing/btest/Baseline/scripts.base.protocols.krb.smb2_krb/.stdout b/testing/btest/Baseline/scripts.base.protocols.krb.smb2_krb/.stdout
new file mode 100644
index 0000000000..cd2430defe
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.protocols.krb.smb2_krb/.stdout
@@ -0,0 +1 @@
+wallior@DS.SUSQ.COM
diff --git a/testing/btest/Traces/krb/smb2_krb.keytab b/testing/btest/Traces/krb/smb2_krb.keytab
new file mode 100644
index 0000000000..0f637c1ef0
Binary files /dev/null and b/testing/btest/Traces/krb/smb2_krb.keytab differ
diff --git a/testing/btest/Traces/krb/smb2_krb.pcap b/testing/btest/Traces/krb/smb2_krb.pcap
new file mode 100755
index 0000000000..0f726f45d7
Binary files /dev/null and b/testing/btest/Traces/krb/smb2_krb.pcap differ
diff --git a/testing/btest/scripts/base/protocols/krb/smb2_krb.test b/testing/btest/scripts/base/protocols/krb/smb2_krb.test
new file mode 100644
index 0000000000..7aa78567b5
--- /dev/null
+++ b/testing/btest/scripts/base/protocols/krb/smb2_krb.test
@@ -0,0 +1,19 @@
+# This test verifies that given the proper keytab file, the
+# Kerberos analyzer can open the AD ticket in the Negociate
+# Protocol Request and find the user.
+
+# @TEST-COPY-FILE: ${TRACES}/krb/smb2_krb.keytab
+# @TEST-EXEC: bro -b -C -r $TRACES/krb/smb2_krb.pcap %INPUT
+# @TEST-EXEC: btest-diff .stdout
+
+redef KRB::keytab = "smb2_krb.keytab";
+global monitor_ports: set[port] = { 445/tcp, 139/tcp } &redef;
+
+event bro_init() &priority=5{
+ Analyzer::register_for_ports(Analyzer::ANALYZER_SMB, monitor_ports);
+}
+
+event krb_ap_request(c: connection, ticket: KRB::Ticket, opts: KRB::AP_Options){
+ print ticket$authenticationinfo;
+}
+
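Review bot: `print ticket$authenticationinfo` in the krb_ap_request handler reads a field that, if `authenticationinfo` is `&optional` in `KRB::Ticket` as I believe it is, is only present when the ticket could actually be decrypted, so an AP-REQ in the trace that the keytab does not cover would abort the script with a runtime error instead of producing a baseline mismatch; guard it with `if ( ticket?$authenticationinfo ) print ticket$authenticationinfo;`. The header comment should also state where `smb2_krb.keytab` comes from, since a keytab holds long-term Kerberos keys: one line saying that the key and the `DS.SUSQ.COM` principal belong to a disposable lab realm keeps the next reader from treating the checked-in file as a leaked credential. Minor: "Negociate" should read "Negotiate", and it is worth confirming against the capture whether the AP-REQ is carried in the Session Setup request rather than Negotiate, as that is where SMB2 normally places the SPNEGO token.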