diff --git a/app/ldap_protocol/ldap_requests/add.py b/app/ldap_protocol/ldap_requests/add.py
index 6f29fe9af..6dd5db9b5 100644
--- a/app/ldap_protocol/ldap_requests/add.py
+++ b/app/ldap_protocol/ldap_requests/add.py
@@ -4,6 +4,7 @@
 License: https://github.com/MultiDirectoryLab/MultiDirectory/blob/main/LICENSE
 """
+import contextlib
 from typing import AsyncGenerator, ClassVar
 from pydantic import Field, SecretStr
@@ -17,6 +18,7 @@
 from ldap_protocol.kerberos.exceptions import (
 KRBAPIAddPrincipalError,
 KRBAPIConnectionError,
+ KRBAPIDeletePrincipalError,
 )
 from ldap_protocol.ldap_codes import LDAPCodes
 from ldap_protocol.ldap_responses import INVALID_ACCESS_RESPONSE, AddResponse
@@ -453,13 +455,20 @@ async def handle( # noqa: C901
 # in case server is not available: raise error and rollback
 # stub cannot raise error
 if user:
+ # NOTE: Try to delete existing principal if any
+ with contextlib.suppress(KRBAPIDeletePrincipalError):
+ await ctx.kadmin.del_principal(
+ user.get_upn_prefix(),
+ )
+
 pw = (
 self.password.get_secret_value()
 if self.password
 else None
 )
 await ctx.kadmin.add_principal(user.get_upn_prefix(), pw)
- if is_computer:
+
+ elif is_computer:
 await ctx.kadmin.add_principal(
 f"{new_dir.host_principal}.{base_dn.name}",
 None,
diff --git a/interface b/interface
index f31962020..95ed5e191 160000
--- a/interface
+++ b/interface
@@ -1 +1 @@
-Subproject commit f31962020a6689e6a4c61fb3349db5b5c7895f92
+Subproject commit 95ed5e191cdafa07b1dfac96a1659926679ead97
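Review bot: The unconditional `del_principal(user.get_upn_prefix())` ahead of `add_principal` in the `if user:` branch means that adding a user replaces whatever Kerberos principal already exists under that UPN prefix, and nothing in the hunk shows the prefix is known to be unused or to belong to a stale entry. If uniqueness of the UPN prefix is not enforced earlier in `handle` (its body starts and ends outside the hunk), creating an entry could re-key another identity's principal, so the delete should be gated on that check or the invariant stated next to it, e.g. `# NOTE: removes a stale principal only; UPN prefix uniqueness is enforced above`. `contextlib.suppress(KRBAPIDeletePrincipalError)` also hides every delete failure rather than only a missing principal, and nothing here restores the old principal if `add_principal` then fails and the directory change is rolled back; logging the suppressed error would at least leave a trace. Separately, `elif is_computer:` skips host-principal creation whenever `user` is truthy, so it is worth confirming that computer entries never set `user`.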