Is your Kerberos server Windows or something else like a MIT KDC? If I know which one you are looking at I can point you to some docs that cover it further.
You are correct in that the AS7 server needs to have a prinicpal assigned to it, this needs to mapped to a service principal for it to be able to handle request. As part of the negotiation as the connection is made the client retrieved a ticket from the KDC for the expected identity of the server so as the negotiation messages are exhanged both the client and the server verify each other.