Kerberizing services available in an IdM domain- how to add a service

If I am reading the Identity Management guide correctly, all services available in a IdM domain are by default subjected to Kerberos ticketing. If I am reading it wrong, how do you add a new service to Kerberos within the IdM domain? Is it any different than adding a service to be ticketed by a stand-alone KDC (creating a principal for that service)?
Let's say I decided to have an NFS server within an IdM domain but I haven't touched anything Kerberos- related in that domain. Will the NFS service automatically be Kerberized without me needing to add it as a new principal?