diff --git a/sssd_test_framework/roles/ipa.py b/sssd_test_framework/roles/ipa.py
index 2f8a09c6..3809af90 100644
--- a/sssd_test_framework/roles/ipa.py
+++ b/sssd_test_framework/roles/ipa.py
@@ -182,6 +182,13 @@ def setup(self) -> None:
         Obtain IPA admin Kerberos TGT.
         """
         super().setup()
+
+        # Restart SSSD so it is opened with new database files.
+        self.sssd.stop()
+        self.sssd.clear(db=True, memcache=True, logs=True, config=False)
+        self.sssd.start()
+
+        # Obtain admin TGT
         self.host.kinit()
 
     def fqn(self, name: str) -> str:
diff --git a/sssd_test_framework/utils/sssd.py b/sssd_test_framework/utils/sssd.py
index 8be420ed..90960840 100644
--- a/sssd_test_framework/utils/sssd.py
+++ b/sssd_test_framework/utils/sssd.py
@@ -12,6 +12,7 @@
 
 from ..hosts.base import BaseDomainHost
 from ..hosts.client import ClientHost
+from ..hosts.ipa import IPAHost
 from ..misc import to_list
 from ..roles.generic import GenericProvider
 
@@ -353,6 +354,8 @@ def set_service_user(self, user: str) -> None:
         if isinstance(self.host, ClientHost):
             if not self.host.features["non-privileged"]:
                 return  # service user configuration isn't supported at all
+        elif isinstance(self.host, IPAHost):
+            return  # not supported
         else:
             raise ValueError("Unexpected host type")