diff --git a/roles/ldap_server/tasks/main.yml b/roles/ldap_server/tasks/main.yml
index a3fcaf7a6bc511196c8a48c0eb15c6dbc5cb5495..757f822f69533fdc8a6785cf1feb3cae13557fcc 100644
--- a/roles/ldap_server/tasks/main.yml
+++ b/roles/ldap_server/tasks/main.yml
@@ -227,6 +227,11 @@
     filter: "(olcSuffix={{ ldap_server_int_basedn }})"
     rules: "{{ ldap_permissions }}"
 
+- name: Drop the admin entry corresponding to olcRootDN for database from directory
+  ldap_entry:
+    dn: "cn=admin,{{ ldap_server_int_basedn }}"
+    state: absent
+
 - name: Create basic LDAP directory structure
   ldap_entry:
     dn: "ou={{ item }},{{ ldap_server_int_basedn }}"
@@ -308,6 +313,9 @@
   notify:
     - Restart ferm
 
+# @TODO: This whole thing could be dropped if newer version of Ansible
+# was in use (where community collection has the ldap_search
+# module.
 - name: Deploy temporary file with LDAP admin password
   template:
     src: "ldap_admin_password.j2"
@@ -324,7 +332,11 @@
   failed_when: false
 
 - name: Update LDAP admin password
-  command: "ldappasswd -Y EXTERNAL -H ldapi:/// 'cn=admin,{{ ldap_server_int_basedn }}' -T /root/.ldap_admin_password"
+  ldap_attr:
+    dn: "olcDatabase={1}mdb,cn=config"
+    name: olcRootPW
+    values: "{{ ldap_admin_password | ldap_password_hash }}"
+    state: exact
   when: ldap_admin_password_check.rc != 0
 
 - name: Remove temporary file with LDAP admin password
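Review bot: The unconditional removal of `cn=admin,{{ ldap_server_int_basedn }}` sits near the top of the task list, while the root password is only written to `olcRootPW` much later in the same file (the `Update LDAP admin password` task), so on a host whose admin credentials so far lived only on that entry's `userPassword` a run that fails between the two tasks leaves no working admin bind until the next run. If the ordering is deliberate, state the dependency above the task, e.g. `# The root DN needs no DIT entry once olcRootPW is set in cn=config (see "Update LDAP admin password" below); this removes the legacy entry.` Otherwise consider moving this task after the password update. The task with `filter:`/`rules:` that opens the hunk begins before it.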
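Review bot: The new TODO comment has an unbalanced parenthesis and does not say which tasks "this whole thing" covers, although it sits above only the first of several related tasks; name the span, e.g. `# @TODO: The temporary-password-file / admin-password-check / update / cleanup tasks below could be dropped once the ldap_search module (community collection, newer Ansible) is available.` The tasks it refers to continue past the end of the hunk.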
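Review bot: The rewritten task passes the password hash as a module argument in `values:`, so it shows up in verbose output and task logs, whereas the replaced `ldappasswd -T` invocation read the secret from a file; add `no_log: true` to the task. The `when:` gate is still required even with `state: exact` if `ldap_password_hash` produces a salted hash, since each run would render a different value and the module would report a change — a one-line comment saying so would stop someone from removing it. The target `olcDatabase={1}mdb,cn=config` is hard-coded while the earlier task in this file locates the database through an `olcSuffix` filter; if the database index can differ between hosts, the same lookup would be safer here. The task list continues outside the hunk.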