diff --git a/README.md b/README.md
index 39a74d7..975efc6 100644
--- a/README.md
+++ b/README.md
@@ -83,6 +83,8 @@ uncomment baselist and comment mirrorlist in /etc/yum.repos.d/epel.repo (http://stackoverflow.com/questions/30949707/centos-6-6-errno-1-repomd-xml-does-not-match-metalink-for-updates-when-tryin) Centos6 might also need ansible 2.1 (not 2.2) because of ```ERROR! Unexpected Exception: 'module' object has no attribute 'HAVE_DECL_MPZ_POWM_SEC'```
+* Adding ssh key task still seen as successful even if failed because a key was not readable, path incorrect or else. need to review log with verbosity 1.
+
 ## License
 BSD 2-clause
diff --git a/defaults/main.yml b/defaults/main.yml
index 00c26e6..3e928ad 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -16,8 +16,8 @@ adduser_password_update: on_create
 # adduser_shell: '/bin/bash'
 ## default expires account now after 6m+random up to 10d? only linux and freebsd
 # adduser_expires: "{{ ansible_date_time.epoch|int + 15552000 + 864000|random(step=86400) }}"
-# 2024/01/01 fixed time for idempotence
-adduser_expires: 1704070800
+# 2026/01/01 fixed time for idempotence
+adduser_expires: 1767272400
 # adduser_expires: ''
 ## wheel/admin group are handled directly if sudoroot true
 adduser_groups: []
diff --git a/tasks/main.yml b/tasks/main.yml
index 642aa17..c5200ca 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -122,7 +122,19 @@ PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
 become: yes
 when: adduser_sudoroot_nopasswd
+- name: Set
+ when:
+ - not (adduser_sudoroot is defined and adduser_sudoroot and sudoers.stat.exists)
+ block:
+ - name: Set groups
+ ansible.builtin.set_fact:
+ final_groups: "{{ adduser_groups }}"
+- name: Ensure groups exist
+ ansible.builtin.group:
+ name: "{{ item }}"
+ state: present
+ loop: "{{ adduser_groups }}"
 - name: Add user to groups
 ansible.builtin.user:
 name: "{{ adduser_user_name }}"
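Review bot: The default `adduser_expires` in defaults/main.yml is still a hard-coded date, so this bump has to be repeated by hand. Assuming the value reaches the user module's `expires`, every host that re-runs the role with defaults has its accounts extended to 2026 in one step, and a run after that date would presumably create accounts that are already expired. The comment above the value should say so, e.g. `# 2026/01/01 fixed expiry for idempotence; override per user, existing accounts are extended whenever this default is bumped`. The new epoch falls at 13:00 UTC on that day where the old one fell at 01:00 UTC, which is harmless if the consumer rounds to days but worth keeping consistent.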
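Review bot: `final_groups` is defined only when the `when` on the new `Set` block holds, and nothing visible in the hunk reads it; `Ensure groups exist` loops over `adduser_groups` directly. If `Add user to groups` (its body continues outside the hunk) reads `final_groups`, a host where `adduser_sudoroot` is true and `sudoers.stat.exists` is true would fail on an undefined variable, so set the fact on both branches or read it as `"{{ final_groups | default(adduser_groups) }}"`. A block holding a single `set_fact` can be that task with the `when` on it, and the name `Set` should say what is being decided, since it is what appears in the run log. `Ensure groups exist` also has no `become: yes`, unlike the task just above it, so group creation presumably fails unless privilege is raised at play level.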