diff --git a/roles/ldapclient/tasks/configLdapClient.yml b/roles/ldapclient/tasks/configLdapClient.yml
index 3e22db75422d4647405933e4379b34548da6aa24..4b91158eed7187ebd807b0d995e306aa023d2d03 100644
--- a/roles/ldapclient/tasks/configLdapClient.yml
+++ b/roles/ldapclient/tasks/configLdapClient.yml
@@ -39,6 +39,11 @@
   sudo: true
   notify: restart sssd
 
+- name: "Make the cache a tmpfs"
+  mount: name=/var/lib/sss/db/ src=tmpfs fstype=tmpfs opts='size=40m' state=mounted
+  become: true
+  become_user: root
+
 - name: "start sssd"
   service: name=sssd state=started enabled=yes
   sudo: true
diff --git a/roles/ldapclient/templates/sssd.j2 b/roles/ldapclient/templates/sssd.j2
index 3e3df42240f606921eb7acdb4dbbaa510f43664b..17de2c97c1a66d05cc994902d51ab1f08476c723 100644
--- a/roles/ldapclient/templates/sssd.j2
+++ b/roles/ldapclient/templates/sssd.j2
@@ -12,10 +12,10 @@ filter_groups = slurm, munge
 [domain/{{ ldapDomain }}]
 ldap_referrals = false
 cache_credentials = false
-entry_cache_timeout=120
-memcache_timeout=120
+entry_cache_timeout=5400
+memcache_timeout=300
 entry_cache_nowait_percentage=50
-enumerate = true
+enumerate = false
 
 id_provider = ldap
 auth_provider = ldap