diff --git a/ansible/playbooks/adhoc-ipagetkeytab.yml b/ansible/playbooks/adhoc-ipagetkeytab.yml
new file mode 100644
index 0000000..3863661
--- /dev/null
+++ b/ansible/playbooks/adhoc-ipagetkeytab.yml
@@ -0,0 +1,33 @@
+---
+# This playbook is meant to be used with callable variables, like adhoc or AWX.
+# What: Pulls keytabs for a kerberos service
+# What is expected:
+#  -> ipaService, using this format: SVC/hostname.rockylinux.org@ROCKYLINUX.ORG
+#  -> ipaKeytabFullPath: The full path to the keytab. Example: /etc/gitlab/gitlab.keytab
+#  -> ipaServer: This needs to be one of the IPA servers
+
+- name: Pull keytab from IPA
+  hosts: "{{ host }}"
+  become: false
+  gather_facts: false
+  vars_files:
+    - vars/encpass.yml
+
+  tasks:
+    - name: "Checking for user variables"
+      assert:
+        that:
+          - ipaadmin_password | mandatory
+          - ipaService | mandatory
+          - ipaKeytabFullPath | mandatory
+          - ipaServer | mandatory
+        success_msg: "Required variables provided"
+        fail_msg: "We are missing required information"
+
+    - name: "Pulling keytab"
+      command: "ipa-getkeytab -s {{ ipaServer }} -p {{ ipaService }} -k {{ ipaKeytabFullPath }}"
+      register: ipakeytab_result
+      changed_when:
+        - ipakeytab_result.rc == 0
+      tags:
+        - keytab