diff --git a/docs/rolereference.rst b/docs/rolereference.rst index acf80e381267f6ab8adf950c00deca3578eb7b03..70d81b4a1075108b5026ad1e6c58868978424653 100644 --- a/docs/rolereference.rst +++ b/docs/rolereference.rst @@ -273,3 +273,60 @@ packages on all servers: - emacs23-nox - screen - debconf-utils + + +LDAP Client +----------- + +The ``ldap_client`` role can be used for setting-up an OpenLDAP client on +destination machine. + +The role implements the followings: + +* Installs OpenLDAP client tools. +* Sets-up global configuration file for OpenLDAP clients at /etc/ldap/ldap.conf. + + +Parameters +~~~~~~~~~~ + +**ldap_client_config** (list, mandatory) + A list of configuration options that should be put into the LDAP configuration + file. Each item is a dictionary with the following options defining the + configuration parameter: + + **comment** (string, mandatory) + Comment that will be shown in the file just above the configuration option. + + **option** (string, mandatory) + Name of configuration option. + + **value** (string, mandatory) + Value for configuration option. + + +Examples +~~~~~~~~ + +Here is an example configuration for setting some common LDAP client options: + +.. code-block:: yaml + + --- + + ldap_client_config: + - comment: Set the base DN + option: BASE + value: dc=example,dc=com + - comment: Set the default URI + option: URI + value: ldap://ldap.example.com/ + - comment: Set the truststore for TLS/SSL + option: TLS_CACERT + value: /etc/ssl/certs/example_ca.pem + - commment: Force basic server certificate verification + option: TLS_REQCERT + value: demand + - comment: Disable CRL checks for server certificate + option: TLS_CRLCHECK + value: none
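Review bot: In the Examples block, the fourth item of ``ldap_client_config`` (the ``TLS_REQCERT`` entry) spells its key ``commment`` with three m's, while the Parameters section documents ``comment`` as mandatory, so anyone copying the example gets an item without the required key; change it to ``- comment: Force basic server certificate verification``. The same example pairs ``URI ldap://ldap.example.com/`` with ``TLS_CACERT`` and ``TLS_REQCERT demand``. Those settings only matter once the client actually negotiates TLS, so either use an ``ldaps://`` URI in the example or add a sentence saying that the client has to request StartTLS. Minor wording in the role description: "setting-up", "The role implements the followings" and "Sets-up" would read better as "setting up", "The role implements the following" and "Sets up".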