diff --git a/roles/ldap_server/files/ldap-backup.sh b/roles/ldap_server/files/ldap-backup.sh
index 9669766..7942743 100755
--- a/roles/ldap_server/files/ldap-backup.sh
+++ b/roles/ldap_server/files/ldap-backup.sh
@@ -1,4 +1,6 @@
-#!/bin/bash
+#!/bin/sh
+
+set -eu
 
 umask 027
 
@@ -16,7 +18,7 @@ DATE="$(date '+%Y-%m-%d')"
 
 ldapsearch -LLL -x -H ldapi:// -s base -b 'cn=Databases,cn=Monitor' \
     '(objectClass=*)' namingContexts | \
-    sed -n 's/^namingContexts: \(.*\)/\1/p' | while read db ; do
+    sed -n 's/^namingContexts: \(.*\)/\1/p' | while read -r db ; do
         [ "${db}" = "cn=config" ] && continue
         if ! slapcat -f /etc/openldap/slapd.conf -b "${db}" 2> /dev/null | \
             gzip > "${BACKUPDIR}/${db}.${DATE}.gz" ; then