The ktpass command-line tool allows non-Windows services that support Kerberos authentication to use the interoperability features with Active Directory..
keytab – is a file containing pairs of Kerberos principals and encrypted keys (which are derived from the Kerberos password). You can use a keytab file to authenticate to various remote systems using Kerberos without entering a password. However, when you change your Kerberos password, you will need to recreate all your keytabs.
Example of use:
ktpass -princ HTTP/ws00.local.test@LOCAL.TEST -mapuser service.ws00@LOCAL.TEST -pass strongPassword -ptype KRB5_NT_PRINCIPAL -out c:\temp\krb5.keytab