diff --git a/states/systems/core/freeipa/manual/init.sls b/states/systems/core/freeipa/manual/init.sls
index 8954e33..faa0c27 100644
--- a/states/systems/core/freeipa/manual/init.sls
+++ b/states/systems/core/freeipa/manual/init.sls
@@ -11,7 +11,7 @@ set_salt_ipa_password:
 
 create_host:
   cmd.run:
-    - name: 'sshpass -p $SALT_PASSWORD ssh salt@ipa.actcur.com -oStrictHostKeyChecking=no "rm {{hostname}}.keytab;echo $SALT_PASSWORD | kinit salt;ipa host-add --force --ip-address={{ip}} {{hostname}}.actcur.com; ipa host-allow-create-keytab {{hostname}}.actcur.com --groups enroller;/usr/sbin/ipa-getkeytab -s ipa.actcur.com -p host/{{hostname}}.actcur.com -k ./{{hostname}}.keytab"'
+    - name: 'sshpass -p $SALT_PASSWORD ssh salt@ipa.actcur.com -oStrictHostKeyChecking=no "rm {{hostname}}.keytab;echo $SALT_PASSWORD | kinit salt;ipa host-add --force --ip-address={{ip}} {{hostname}}.actcur.com --class=server; ipa host-allow-create-keytab {{hostname}}.actcur.com --groups server_enroller;/usr/sbin/ipa-getkeytab -s ipa.actcur.com -p host/{{hostname}}.actcur.com -k ./{{hostname}}.keytab"'
 
 grab_keytab:
   cmd.run: