diff --git a/roles/nfs-client/defaults/main.yml b/roles/nfs-client/defaults/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..60ca9c1121024edab84bedf7029f8a54423cb685
--- /dev/null
+++ b/roles/nfs-client/defaults/main.yml
@@ -0,0 +1,4 @@
+---
+nfs_server: "nfsserver.edu" 
+nfs_type: "nfs"
+nfs_options: "vers=3,noatime,rsize=16384,wsize=16384,hard,intr,tcp,nolock"
diff --git a/roles/nfs-client/handlers/main.yml b/roles/nfs-client/handlers/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..eb242b5c5587039a557db04807f01bf79d1f0c14
--- /dev/null
+++ b/roles/nfs-client/handlers/main.yml
@@ -0,0 +1,13 @@
+---
+- name: restart authentication
+  shell: authconfig --updateall
+  when: nfs_type == "nfs4"
+  sudo: true
+
+- name: restart idmap 
+  service: name={{ item }} state=restarted
+  with_items:
+    - rpcbind
+    - rpcidmapd
+  when: nfs_type == "nfs4"
+  sudo: true
diff --git a/roles/nfs-client/meta/main.yml b/roles/nfs-client/meta/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..b9aac547833a84311b7337de3cd9bdcfbc6c846a
--- /dev/null
+++ b/roles/nfs-client/meta/main.yml
@@ -0,0 +1,4 @@
+---
+dependencies:
+  - {role: nfs-common }
+
diff --git a/roles/nfs-client/tasks/mountFileSystem.yml b/roles/nfs-client/tasks/mountFileSystem.yml
index 1b9d5d2b8c121c3d039d0df5135c9b6fd9053d6b..7944c079ce1786a48ca21514985f77e1043e8ed7 100644
--- a/roles/nfs-client/tasks/mountFileSystem.yml
+++ b/roles/nfs-client/tasks/mountFileSystem.yml
@@ -1,8 +1,12 @@
 --- 
 - 
-  mount: "name={{ item.0 }} src={{ nfs_server }}:{{ item.1 }} fstype=nfs opts=vers=3,noatime,rsize=16384,wsize=16384,hard,intr,tcp,nolock state=mounted"
+  mount: "name={{ item.0 }} src={{ nfs_server }}:{{ item.1 }} fstype={{ nfs_type }} opts={{ nfs_options }} state=mounted"
   name: "Mounting NFS mounts"
   with_together: 
     - destDir
     - srcDir
+  notify: "restart authentication"
+  notify: "restart idmap"
+  sudo: true 
 
+  
diff --git a/roles/nfs-common/tasks/yumPackages.yml b/roles/nfs-common/tasks/yumPackages.yml
index b0bc93f6bf9808cf1269d8d2f9ddbc5ed6eb27c0..c6daa0dc26c42e352d8027edeb938503fc2f7cf4 100644
--- a/roles/nfs-common/tasks/yumPackages.yml
+++ b/roles/nfs-common/tasks/yumPackages.yml
@@ -5,3 +5,4 @@
     - bind-utils
     - nfs-utils
   yum: "name={{ item }} state=latest"
+  sudo: true
diff --git a/roles/nfs-server/meta/main.yml b/roles/nfs-server/meta/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..b9aac547833a84311b7337de3cd9bdcfbc6c846a
--- /dev/null
+++ b/roles/nfs-server/meta/main.yml
@@ -0,0 +1,4 @@
+---
+dependencies:
+  - {role: nfs-common }
+
diff --git a/roles/openLdapClient/defaults/main.yml b/roles/openLdapClient/defaults/main.yml
index f9359011bbf6028ad37b562dd55e9f66e7e780c8..a106dc093b84fc9f6390b1c74bde7cb1f01ab607 100644
--- a/roles/openLdapClient/defaults/main.yml
+++ b/roles/openLdapClient/defaults/main.yml
@@ -14,5 +14,4 @@ ldapCaCertFileSource: "/etc/openldap/certs"
 cacertFile: "ca.pem"
 ldapRfc2307: ""
 ldapRfc2307Pam: ""
-
-
+ldapServerHost: "10.0.0.1 ldapserver.com"
diff --git a/roles/openLdapClient/handlers/main.yml b/roles/openLdapClient/handlers/main.yml
index c845e0a6c44fb13c1b67e8dae5a5b9075740a04b..d9a0a7d61f6aa04d738b605a9211d185629ef338 100644
--- a/roles/openLdapClient/handlers/main.yml
+++ b/roles/openLdapClient/handlers/main.yml
@@ -1,3 +1,8 @@
 ---
-  - name: restart sssd 
-    service: name=sssd state=restarted
+- name: auth config
+  shell: authconfig --updateall
+  sudo: true
+
+- name: restart sssd 
+  service: name=sssd state=restarted
+  sudo: true
diff --git a/roles/openLdapClient/tasks/configLdapClient.yml b/roles/openLdapClient/tasks/configLdapClient.yml
index e86abd7d6114536673e37fb3412b157f4e592fa7..0becac8d6a575d1deeaa704b34ef11ece736e330 100644
--- a/roles/openLdapClient/tasks/configLdapClient.yml
+++ b/roles/openLdapClient/tasks/configLdapClient.yml
@@ -16,9 +16,7 @@
   sudo: true
 
 - name: "Insert LDAP IP address LDAP to /etc/hosts"
-  lineinfile: dest=/etc/hosts line='130.220.209.234 m2-w.massive.org.au' state=present insertafter=EOF
-#  lineinfile: dest=/etc/hosts regexp=^130.220.209.234 line=130.220.209.234 m2-w.massive.org.au state=present insertafter=EOF
-#  lineinfile: dest=/etc/hosts regexp=^130.220.209.234 line=130.220.209.234 m2-w.massive.org.au state=present 
+  lineinfile: dest=/etc/hosts line="{{ ldapServerHost }}" state=present insertafter=EOF
   sudo: true
 
 - name: "Copy ldap.conf file "
@@ -26,12 +24,12 @@
   sudo: true
 
 - name: "Copy ldap cacert file"
-  copy: src={{ ldapCaCertFileSource }}/cacert.pem dest=/etc/openldap/certs/cacert.pem owner=root group=root mode=0644
+  copy: src={{ ldapCaCertFileSource }} dest={{ tlsCaCertFile }} owner=root group=root mode=0644
   sudo: true
 
 - name: "Copy sssd.conf to ldap client"
   template: src=sssd.j2 dest=/etc/sssd/sssd.conf owner=root group=root mode=600
   sudo: true
-  notify: restart sssd 
+  notify: auth config