Samba as a frontend to AFS

[Luke Howard]

>The "net keytab" is a command that there has been an internal
>request at HP for - thanks ! The ability to generate a "normal"
>krb5 keytab from our secrets database is definately needed.
>
>One thing I was told is that at least with W2K3 they key version
>number is incremented by one on each machine password change,
>I don't think we currently do this.

The current KVNO can be read from the msDS-KeyVersionNumber 
attribute in AD. This should be the same as the KVNO in the
keytab.

-- Luke