diff --git a/roles/krb5/defaults/main.yml b/roles/krb5/defaults/main.yml
index acc70a2af7fd7f3c10076832941d838229d98968..dfdec757427b57d9a66cd923f6369defe7f4e797 100644
--- a/roles/krb5/defaults/main.yml
+++ b/roles/krb5/defaults/main.yml
@@ -8,6 +8,7 @@ krb5_realm:
 krb5_servers:
 krb5_dns_lookup_realm: "false"
 krb5_dns_lookup_kdc: "false"
+krb5_no_default_domain: "false"
 krb5_default_ccache_name: KEYRING:persistent:%{uid}
 
 krb5_pkinit_anchors: FILE:/var/lib/ipa-client/pki/kdc-ca-bundle.pem
diff --git a/roles/krb5/tasks/main.yml b/roles/krb5/tasks/main.yml
index 722678b0be17bb97f7e75a45c8fb5d7cbd2abf5b..811dcf8f45e50536deabccc91bdf636f14460f7d 100644
--- a/roles/krb5/tasks/main.yml
+++ b/roles/krb5/tasks/main.yml
@@ -13,8 +13,9 @@
 - name: Template krb5.conf
   template:
     src: krb5.conf.j2
-    dest: /etc/krb5.conf
-    backup: yes
+    dest: "{{ krb5_conf }}"
+    backup: no
     owner: root
     group: root
     mode: 0644
+    force: yes
\ No newline at end of file
diff --git a/roles/krb5/templates/krb5.conf.j2 b/roles/krb5/templates/krb5.conf.j2
index 2401bd84da301b0b99a679bdea90cc088eb99a92..55671e51989475a99a0a78ca4ea305c99ed0f311 100644
--- a/roles/krb5/templates/krb5.conf.j2
+++ b/roles/krb5/templates/krb5.conf.j2
@@ -20,7 +20,9 @@ includedir {{ krb5_include_d }}
     admin_server = {{ server }}:749
     kpasswd_server = {{ server }}:464
 {% endfor %}
+{% if krb5_no_default_domain | bool %}
     default_domain = {{ krb5_realm | lower }}
+{% endif %}
     pkinit_anchors = {{ krb5_pkinit_anchors }}
     pkinit_pool = {{ krb5_pkinit_pool }}
   }