diff --git a/roles/ipaclient/library/ipaclient_test.py b/roles/ipaclient/library/ipaclient_test.py
index a3dead2a57b521d9f82711c557bb4f726b1d592d..444792977b6dc2e8c916eb0960249ce9a54770e5 100644
--- a/roles/ipaclient/library/ipaclient_test.py
+++ b/roles/ipaclient/library/ipaclient_test.py
@@ -848,14 +848,18 @@ def main():
# Check if ipa client is already configured
if is_client_configured():
+ client_already_configured = True
+
# Check that realm and domain match
current_config = get_ipa_conf()
if cli_domain != current_config.get('domain'):
- return module.fail_json(msg="IPA client already installed "
- "with a conflicting domain")
+ module.fail_json(msg="IPA client already installed "
+ "with a conflicting domain")
if cli_realm != current_config.get('realm'):
- return module.fail_json(msg="IPA client already installed "
- "with a conflicting realm")
+ module.fail_json(msg="IPA client already installed "
+ "with a conflicting realm")
+ else:
+ client_already_configured = False
# Done
module.exit_json(changed=False,
@@ -868,6 +872,7 @@ def main():
client_domain=client_domain,
dnsok=dnsok,
sssd=options.sssd,
+ client_already_configured=client_already_configured,
ipa_python_version=IPA_PYTHON_VERSION)
if __name__ == '__main__':
diff --git a/roles/ipaclient/tasks/install.yml b/roles/ipaclient/tasks/install.yml
index 03c3910729f5d86269bdf41427c3807ad039a740..0b70d02aaf7757241f3cd679af15a31bee42d7e2 100644
--- a/roles/ipaclient/tasks/install.yml
+++ b/roles/ipaclient/tasks/install.yml
@@ -53,6 +53,9 @@
enable_dns_updates: "{{ ipassd_enable_dns_updates }}"
register: result_ipaclient_test
+- meta: end_play
+ when: result_ipaclient_test.client_already_configured and not ipaclient_allow_repair | bool and not ipaclient_force_join | bool
+
- name: Install - Set default principal if no keytab is given
set_fact:
ipaadmin_principal: admin