diff --git a/roles/sssd/templates/sssd.conf.j2 b/roles/sssd/templates/sssd.conf.j2
index 82aa6b1..6aed734 100644
--- a/roles/sssd/templates/sssd.conf.j2
+++ b/roles/sssd/templates/sssd.conf.j2
@@ -8,11 +8,11 @@ domains = {{ kerberos_realm }}
 [pam]
 
 [domain/{{ kerberos_realm }}]
-id_provider = ldap
-auth_provider = krb5
-chpass_provider = ldap
 autofs_provider = none
 sudo_provider = none
+
+id_provider = ldap
+chpass_provider = ldap
 ldap_uri = ldaps://{{ ldap_server[0] }}
 ldap_search_base = {{ ldap_basedn }}
 ldap_schema = rfc2307bis
@@ -25,4 +25,6 @@ ldap_sasl_mech = EXTERNAL
 ldap_tls_cacert = {{ tls_bundle }}
 ldap_tls_cert = {{ tls_certs }}/{{ inventory_hostname }}.crt
 ldap_tls_key = {{ tls_private }}/{{ inventory_hostname }}.key
+
+auth_provider = krb5
 krb5_realm = {{ kerberos_realm }}