If you want to configure your UNIX hosts to use a Windows 2000-based server as a Kerberos Key Distribution Center (KDC), you must generate a Kerberos keytab file. You can use the Ktpass utility, which is included with the Microsoft Windows 2000 Resource Kit, to create a keytab file for your UNIX host.
To create a UNIX keytab file to permit the UNIX host to authenticate with a Windows 2000-based server, you must create a user in Active Directory in Windows 2000. This user is used by the Kerberos service on the client. Then, generate the keytab file and copy it to the UNIX host.
To generate the host keytab file:
Start the Active Directory Management tool.
Right-click the Users folder, point to New, and then click User.
Type the name of the UNIX host for which you want to add Kerberos support.
Save the user.
Start a command prompt, and then type the following command