diff --git a/roles/sssd/templates/sssd.conf.j2 b/roles/sssd/templates/sssd.conf.j2
index e011ad2..8dc34b5 100644
--- a/roles/sssd/templates/sssd.conf.j2
+++ b/roles/sssd/templates/sssd.conf.j2
@@ -15,9 +15,13 @@ ldap_uri = ldaps://{{ ldap_server[0] }}
 ldap_search_base = {{ ldap_basedn }}
 ldap_schema = rfc2307bis
 ldap_group_member = uniqueMember
+ldap_user_uuid = entryUUID
+ldap_group_uuid = entryUUID
 ldap_id_use_start_tls = False
 ldap_tls_reqcert = demand
 ldap_sasl_mech = EXTERNAL
+ldap_tls_cacert = {{ tls_bundle }}
 ldap_tls_cert = {{ tls_certs }}/{{ inventory_hostname }}.crt
 ldap_tls_key = {{ tls_private }}/{{ inventory_hostname }}.key
+enumerate = true
 krb5_realm = {{ kerberos_realm }}