diff --git a/initial_install/roles/freeipa_client/tasks/main.yml b/initial_install/roles/freeipa_client/tasks/main.yml
index 01a9150..632ce13 100644
--- a/initial_install/roles/freeipa_client/tasks/main.yml
+++ b/initial_install/roles/freeipa_client/tasks/main.yml
@@ -1,13 +1,4 @@
-```yaml
 ---
-- name: DEBUG - confirm new file is used
-  ansible.builtin.debug:
-    msg: "🔥 NEW FREEIPA ROLE VERSION IS RUNNING 🔥"
-
-- name: DEBUG - show ipa_admin_password presence
-  ansible.builtin.debug:
-    msg: "ipa_admin_password={{ ipa_admin_password | default('NOT SET') }}"
-
 - name: Install FreeIPA client packages
   ansible.builtin.package:
     name:
@@ -18,41 +9,49 @@
     - oddjob-mkhomedir
     state: present
 
-- name: Set hostname (FQDN)
+- name: Set hostname FQDN
   ansible.builtin.hostname:
     name: "{{ inventory_hostname }}.im.lab"
 
-- name: DEBUG - show hostname used
-  ansible.builtin.debug:
-    msg: "Hostname will be {{ inventory_hostname }}.im.lab"
+- name: Check if FreeIPA client is already configured
+  ansible.builtin.stat:
+    path: /etc/ipa/default.conf
+  register: ipa_client_conf
 
 - name: Enroll to FreeIPA
-  ansible.builtin.command: >
-    ipa-client-install
-    --domain=im.lab
-    --realm=IPA.IM.LAB
-    --server=ipa.im.lab
-    --hostname={{ inventory_hostname }}.im.lab
-    --mkhomedir
-    --principal=admin
-    --password={{ ipa_admin_password }}
-    --unattended
-  args:
-    creates: /etc/ipa/default.conf
+  ansible.builtin.command:
+    argv:
+      - ipa-client-install
+      - --domain=im.lab
+      - --realm=IPA.IM.LAB
+      - --server=ipa.im.lab
+      - "--hostname={{ inventory_hostname }}.im.lab"
+      - --mkhomedir
+      - --principal=admin
+      - --password={{ ipa_admin_password }}
+      - --unattended
+      - --force-join
+  no_log: true
+  when: not ipa_client_conf.stat.exists
 
-- name: Configure SSSD
-  freeipa.ansible_freeipa.ipaclient_setup_sssd:
-    servers:
-      - ipa.im.lab
-    domain: im.lab
-    realm: IPA.IM.LAB
-    hostname: "{{ inventory_hostname }}.im.lab"
-    no_krb5_offline_passwords: true
-  notify: Restart SSSD
+- name: Enable mkhomedir
+  ansible.builtin.command:
+    argv:
+      - authselect
+      - enable-feature
+      - with-mkhomedir
+  register: authselect_mkhomedir
+  changed_when: "'already enabled' not in authselect_mkhomedir.stdout"
+  failed_when: false
+
+- name: Enable and start oddjobd
+  ansible.builtin.service:
+    name: oddjobd
+    state: started
+    enabled: true
 
 - name: Enable and start SSSD
   ansible.builtin.service:
     name: sssd
     state: started
-    enabled: true
-```
+    enabled: true
\ No newline at end of file
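Review bot: The domain admin credential is still handed to ipa-client-install on its command line in the `Enroll to FreeIPA` task (`- --password={{ ipa_admin_password }}`); `no_log: true` keeps it out of Ansible output and logs, but an argv entry is readable by any local user via the process table for as long as the install runs, and an admin password grants far more than a host enrollment needs. A per-host one-time enrollment password (generated on the server with `ipa host-add --random`, then passed as `--password` with no `--principal`) or the collection's `freeipa.ansible_freeipa.ipaclient` role, which the removed `Configure SSSD` task shows is already available to this project, would confine the exposure to a single host join. Separately, `failed_when: false` on the `Enable mkhomedir` task hides every authselect failure, including the binary being absent or no profile being selected; since `--mkhomedir` is already passed to ipa-client-install, either drop the task or narrow it to `failed_when: authselect_mkhomedir.rc != 0 and 'already enabled' not in authselect_mkhomedir.stdout` (keeping the assumption the `changed_when` already makes about authselect's output). The rewritten file also ends without a trailing newline.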