diff --git a/roles/ldapclient/templates/sssd.j2 b/roles/ldapclient/templates/sssd.j2
index 17de2c97c1a66d05cc994902d51ab1f08476c723..7590914627ea3a8deb38cf0c1ca9d4606b70cc53 100644
--- a/roles/ldapclient/templates/sssd.j2
+++ b/roles/ldapclient/templates/sssd.j2
@@ -22,7 +22,12 @@ auth_provider = ldap
 chpass_provider = ldap
 access_provider = ldap
 
+{% if ldapROURI is defined %}
+ldap_uri = {{ ldapURI }}, {{ ldapROURI }}
+ldap_chpass_uri = {{ ldapURI }}
+{% else %}
 ldap_uri = {{ ldapURI }} 
+{% endif %}
 ldap_id_use_start_tls = True
 ldap_tls_reqcert = allow 
 ldap_tls_cacert = {{ ldapCaCertFile }}