Content Platform Engine needs to have the password for the "identity" user account and this is done by setting up a keytab (key table).
Create the Kerberos keytab using either Microsoft's ktpass utility, which is the preferred method, or by using the ktab utility that comes with the Java Development Kit (JDK).
The normal location for the keytab file is home/krb5.keytab, where home is the Java home directory for the account running the Content Platform Engine. The Java home directory varies from operating system to operating system, so for example, it could be: C:/Documents and Settings/mike.MYDO/krb5.keytab.
After creating the keytab with either of the two methods, it might be desirable to move it, perhaps from one system to another, or to a more secure path. If the keytab file is not in the expected Java home position, this will require using either the keytabPath= or tgtLoginConfigName= option in the Content Platform Engine KrbServiceLoginModule JAAS configuration, which is covered in another Kerberos topic.