You need to generate the ServiceKeytab file on your Kerberos (AD) server in order to configure Kerberos on your library. This is the file you select when configuring Kerberos. See Configuring Kerberos.
ktpass -out library.keytab -princ library/ <fqdn of library> @ <realm> +rndPass -ptype KRB5_NT_SRV_HST -crypto RC4-HMAC-NT -mapUser <realm> /computers/ <computer account>
For example:
ktpass -out library.keytab -princ library/delos.dvt.mycompany.com@OURREALM.LOCAL +rndPass -ptype KRB5_NT_SRV_HST -crypto RC4-HMAC-NT -mapUser ourrealm.local/computers/kerbtest
ktpass -out library.keytab -princ library/<fqdn of library>@<realm> +rndPass -ptype KRB5_NT_SRV_HST -crypto AES256-SHA1 -mapUser <realm>/computers/<computer account>
For example:
ktpass -out library.keytab -princ library/delos.dvt.mycompany.com@OURREALM.LOCAL +rndPass -ptype KRB5_NT_SRV_HST -crypto AES256-SHA1 -mapUser ourrealm.local/computers/kerbtest
See also: