If the named principal exists in either the Kerberos or admin principal database, but not both, return KADM5_BAD_DB.
If pw_history_num changes and the new value is smaller than the
current value of num_old_keys, old_keys should end up with the
most recent keys; these are found by counting backwards
elements
in old_keys from old_key_next. old_key_nexts should then be reset to
0, the oldest of the saved keys, and num_old_keys set to
, the
new actual number of old keys in the array.