With MIT Kerberos, the kadmin utility supports the creation of principals that have an explicit maximum ticket lifetime and renewal lifetime (-maxlife and -maxrenewlife arguments for add_principal) which may be different than the realm's default ticket lifetime and renewal lifetime. So if your realm has a default lifetime of 24 hours and renewal lifetime of 7 days, a given principal could be 1 hour and 1 day respectively.
I'm trying to figure out whether Active Directory's Kerberos implementation supports the same thing. My gut says no, but I'm having a hard time definitively proving it other than not being able to find any obvious attributes on an account that might enable that ability.
Can anyone confirm or deny my gut answer?
Per my reading of it, no. It's like Password Policy - it's defined at the domain level.
http://technet.microsoft.com/en-us/library/cc757692(v=ws.10).aspx#w2k3tr_sepol_accou_set_hpjo
Fine-grained password policies can't be used for this, because they don't include Kerberos settings.
http://technet.microsoft.com/en-us/library/cc770394(v=ws.10).aspx
Sorry to say, it appears you're out of luck.