diff --git a/roles/ldap_server/tasks/main.yml b/roles/ldap_server/tasks/main.yml
index 0bdb3a227199bc1665c837553d790274f2929422..37d4d516a65970125bcfdd0f569b20a122754e03 100644
--- a/roles/ldap_server/tasks/main.yml
+++ b/roles/ldap_server/tasks/main.yml
@@ -82,7 +82,7 @@
   openssl_dhparam:
     owner: root
     group: openldap
-    mode: 0640
+    mode: "0640"
     path: "/etc/ssl/private/{{ ansible_fqdn }}_ldap.dh.pem"
     size: 2048
   notify:
@@ -92,7 +92,7 @@
   template:
     src: "ldap_tls_key.j2"
     dest: "/etc/ssl/private/{{ ansible_fqdn }}_ldap.key"
-    mode: 0640
+    mode: "0640"
     owner: root
     group: openldap
   notify:
@@ -102,7 +102,7 @@
   template:
     src: "ldap_tls_cert.j2"
     dest: "/etc/ssl/certs/{{ ansible_fqdn }}_ldap.pem"
-    mode: 0644
+    mode: "0644"
     owner: root
     group: root
   notify:
@@ -114,7 +114,7 @@
     dest: "/etc/check_certificate/{{ ansible_fqdn }}_ldap.conf"
     owner: root
     group: root
-    mode: 0644
+    mode: "0644"
 
 # We need to have this hack around TLS configuration because OpenLDAP
 # expects both private key and certificate to be set at the same
@@ -292,7 +292,7 @@
     dest: "/etc/ferm/conf.d/10-ldap.conf"
     owner: root
     group: root
-    mode: 0640
+    mode: "0640"
   notify:
     - Restart ferm
 
@@ -305,7 +305,7 @@
     dest: "/root/.ldap_admin_password"
     owner: root
     group: root
-    mode: 0400
+    mode: "0400"
   changed_when: false
 
 - name: Test if LDAP admin password needs to be changed