Kerberos Delegation Account Password Change
Hello, We have successfully setup client side kerberos SSO with SWG. We had to merge several different keytab files together so that users in every domain could be validated by the APM. My company has a policy of changing service account passwords once a year and this would include changing the password in the Kerberos Delegation Account used to create the keytab files. This maybe a stupid question, but I can't seem to find an answer.
Question: Will we need to recreate all our keytab files(and merge them) every time the kerberos delegation account password changes?
I have changed the password in my test lab and nothing seems to have broke so I was just curious what should changing the kerberos delegation account password change, besides the password?
Thanks!