Creating a keytab file
After you create the SPN, you must create a keytab file for the service. The keytab file allows the service to log in without a password. The keytab file must be re-created if the service account password changes.
Procedure
Use the following command to create a keytab file:
ktpass -out krb5.keytab -princ SPN -mapUser username -mapOp
set -pass password -pType KRB5_NT_PRINCIPAL -crypto
RC4-HMAC-NT
For example,
ktpass -out
krb5.keytab -princ dqm/myserver.mydomain.com@mywindowsdomain.com -mapUser dqmuser@mywindowsdomain -mapOp
set -pass password -pType KRB5_NT_PRINCIPAL -crypto
RC4-HMAC-NT