diff --git a/roles/ldapserver/tasks/main.yml b/roles/ldapserver/tasks/main.yml
index c007a12a85efccafa53b2520c6928f5f73e94953..bb5ce9b958b4f1bfd1ede412363fd1ce2358c62a 100644
--- a/roles/ldapserver/tasks/main.yml
+++ b/roles/ldapserver/tasks/main.yml
@@ -51,6 +51,18 @@
 - name: template ssl.ldif
   template: src=ssl_ldif.j2 dest=/tmp/ssl.ldif mode=600
 
+- name: template load_memberof.ldif
+  template: src=load_memberof_ldif.j2 dest=/tmp/load_memberof.ldif mode=600
+
+- name: template load_refint.ldif
+  template: src=load_refint_ldif.j2 dest=/tmp/load_refint.ldif mode=600
+
+- name: template memberOfConfig.ldif
+  template: src=memberOfConfig_ldif.j2 dest=/tmp/memberOfConfig.ldif mode=600
+
+- name: template refint_config.ldif
+  template: src=refint_config_ldif.j2 dest=/tmp/refint_config.ldif mode=600
+
 - name: template manager.ldif
   template: src=manager_ldif.j2 dest=/tmp/manager.ldif mode=600
   sudo: true
@@ -147,6 +159,46 @@
   sudo: true
   when: ppolicyOverlayConfigured|failed
 
+- name: check refint module loaded
+  shell: slapcat -b cn=config | grep "olcmoduleload"
+  sudo: true
+  ignore_errors: true
+  register: refintModuleLoaded
+
+- name: load refint module
+  shell: ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/load_refint.ldif -D cn=config 
+  sudo: true
+  when: refintModuleLoaded|failed
+
+- name: check memberof module loaded
+  shell: slapcat -b cn=config | grep "olcModuleLoad {.*}memberof"
+  sudo: true
+  ignore_errors: true
+  register: memberofModuleLoaded
+
+- name: load memberof module
+  shell: ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/load_memberof.ldif -D cn=config 
+  sudo: true
+  when: memberofModuleLoaded|failed
+
+- name: check member of config
+  shell: "ldapsearch -D {{ ldapManager }} -w {{ ldapManagerPassword }} -b {{ ldapGroupBase }} -x -H ldap://localhost objectClass=olcMemberOf"
+  ignore_errors: true
+  register: memberOfConfigured
+
+- name: add member of config 
+  shell: ldapadd -x -D {{ ldapManager }} -w {{ ldapManagerPassword }} -x -H ldap://localhost -f /tmp/memberOfConfig.ldif
+  when: memberOfConfigured|failed
+
+- name: check refinit config
+  shell: "ldapsearch -D {{ ldapManager }} -w {{ ldapManagerPassword }} -b {{ ldapGroupBase }} -x -H ldap://localhost objectClass=olcRefintConfig"
+  ignore_errors: true
+  register: refintConfigured
+
+- name: add refint config 
+  shell: ldapadd -x -D {{ ldapManager }} -w {{ ldapManagerPassword }} -x -H ldap://localhost -f /tmp/refint_config.ldif
+  when: refintConfigured|failed
+
 - name: check Manager config
   shell: "slapcat -b cn=config | grep 'olcRootDN: {{ ldapManager }}'"
   ignore_errors: true
diff --git a/roles/ldapserver/templates/load_memberof_ldif.j2 b/roles/ldapserver/templates/load_memberof_ldif.j2
new file mode 100644
index 0000000000000000000000000000000000000000..c47d42097a1b477454c370d40da90508ab00f911
--- /dev/null
+++ b/roles/ldapserver/templates/load_memberof_ldif.j2
@@ -0,0 +1,4 @@
+dn: cn=module{0},cn=config
+changetype: modify
+add: olcModuleLoad
+olcModuleLoad: memberof.la
diff --git a/roles/ldapserver/templates/load_refint_ldif.j2 b/roles/ldapserver/templates/load_refint_ldif.j2
new file mode 100644
index 0000000000000000000000000000000000000000..90d5f9f1f6b053e7697edd2f10bcd073740335da
--- /dev/null
+++ b/roles/ldapserver/templates/load_refint_ldif.j2
@@ -0,0 +1,3 @@
+dn: cn=module{0},cn=config
+add: olcmoduleload
+olcmoduleload: refint
diff --git a/roles/ldapserver/templates/memberOfConfig_ldif.j2 b/roles/ldapserver/templates/memberOfConfig_ldif.j2
new file mode 100644
index 0000000000000000000000000000000000000000..61f8685e69dcbc48ad623cf49f0ffa8be87f46ef
--- /dev/null
+++ b/roles/ldapserver/templates/memberOfConfig_ldif.j2
@@ -0,0 +1,11 @@
+dn: olcOverlay=memberof,olcDatabase={2}bdb,cn=config
+objectClass: olcConfig
+objectClass: olcMemberOf
+objectClass: olcOverlayConfig
+objectClass: top
+olcOverlay: memberof
+olcMemberOfDangling: ignore
+olcMemberOfRefInt: TRUE
+olcMemberOfGroupOC: groupOfNames
+olcMemberOfMemberAD: member
+olcMemberOfMemberOfAD: memberOf
diff --git a/roles/ldapserver/templates/refint_config_ldif.j2 b/roles/ldapserver/templates/refint_config_ldif.j2
new file mode 100644
index 0000000000000000000000000000000000000000..343e4006320c959ce84d54fefcb54ff6c3181cc3
--- /dev/null
+++ b/roles/ldapserver/templates/refint_config_ldif.j2
@@ -0,0 +1,7 @@
+dn: olcOverlay=refint,olcDatabase={2}bdb,cn=config
+objectClass: olcConfig
+objectClass: olcOverlayConfig
+objectClass: olcRefintConfig
+objectClass: top
+olcOverlay: refint
+olcRefintAttribute: memberof member manager owner