diff --git a/roles/ldapclient/tasks/configLdapClient.yml b/roles/ldapclient/tasks/configLdapClient.yml
index 4b91158eed7187ebd807b0d995e306aa023d2d03..5b667f2e4f348690bf4993b29539557f3d8907c4 100644
--- a/roles/ldapclient/tasks/configLdapClient.yml
+++ b/roles/ldapclient/tasks/configLdapClient.yml
@@ -4,39 +4,47 @@
   with_items:
     - pam_ldap.conf
     - nsswitch.conf
-  sudo: true
+  become: true
+  become_user: root
 
 - name: "make basedir"
-  file: path="{{ ldapCaCertFile | dirname }}" state=directory owner=root
-  sudo: true
+  file: path="{{ ldapCaCertFile | dirname }}" state=directory owner=root follow=yes
+  become: true
+  become_user: root
   ignore_errors: true
 
 - name: "Copy the CA cert"
   copy: src={{ ldapCaCertSrc }} dest={{ ldapCaCertFile }} owner=root mode=644
-  sudo: true
+  become: true
+  become_user: root
   when: ldapCaCertSrc is defined
 
 - name: "Template CA cert"
   template: src=ldapCaCert.j2 dest={{ ldapCaCertFile }} owner=root mode=644
-  sudo: true
+  become: true
+  become_user: root
   when: ldapCaCertContents is defined
 
 - name: "Copy system auth"
   template: src=system-auth.j2 dest=/etc/pam.d/system-auth
-  sudo: true
+  become: true
+  become_user: root
 
 - name: "Copy password auth"
   template: src=password-auth.j2 dest=/etc/pam.d/password-auth
-  sudo: true
+  become: true
+  become_user: root
 
 - name: "Add LDAP server IP address to /etc/hosts"
   lineinfile: dest=/etc/hosts line="{{ ldapServerHostIpLine }}" state=present insertafter=EOF
-  sudo: true
+  become: true
+  become_user: root
   when: ldapServerHostIpLine is defined
 
 - name: "Copy sssd.conf to ldap client"
   template: src=sssd.j2 dest=/etc/sssd/sssd.conf owner=root group=root mode=600
-  sudo: true
+  become: true
+  become_user: root
   notify: restart sssd
 
 - name: "Make the cache a tmpfs"
@@ -46,4 +54,5 @@
 
 - name: "start sssd"
   service: name=sssd state=started enabled=yes
-  sudo: true
+  become: true
+  become_user: root