diff --git a/roles/mail_server/molecule/default/host_vars/ldap-server.yml b/roles/mail_server/molecule/default/host_vars/ldap-server.yml
new file mode 100644
index 0000000000000000000000000000000000000000..3614a2a2ecc3c62c3cb9e10357ef507daa902be3
--- /dev/null
+++ b/roles/mail_server/molecule/default/host_vars/ldap-server.yml
@@ -0,0 +1,114 @@
+---
+
+# ldap_server role
+ldap_admin_password: admin
+ldap_entries:
+
+ # Users
+ - dn: uid=john,ou=people,dc=local
+ attributes:
+ objectClass:
+ - inetOrgPerson
+ - simpleSecurityObject
+ userPassword: johnpassword
+ uid: john
+ cn: John Doe
+ sn: Doe
+ mail: john.doe@domain1
+ - dn: uid=jane,ou=people,dc=local
+ attributes:
+ objectClass:
+ - inetOrgPerson
+ - simpleSecurityObject
+ userPassword: janepassword
+ uid: jane
+ cn: Jane Doe
+ sn: Doe
+ mail: jane.doe@domain2
+
+ - dn: uid=nomail,ou=people,dc=local
+ attributes:
+ objectClass:
+ - inetOrgPerson
+ - simpleSecurityObject
+ userPassword: nomailpassword
+ uid: nomail
+ cn: No Mail
+ sn: Mail
+ mail: nomail@domain1
+
+ # Groups
+ - dn: "cn=mail,ou=groups,dc=local"
+ state: append
+ attributes:
+ uniqueMember:
+ - uid=john,ou=people,dc=local
+ - uid=jane,ou=people,dc=local
+
+ # Domains
+ - dn: dc=domain1,ou=domains,ou=mail,ou=services,dc=local
+ attributes:
+ objectClass: dNSDomain
+ dc: domain1
+
+ - dn: dc=domain2,ou=domains,ou=mail,ou=services,dc=local
+ attributes:
+ objectClass: dNSDomain
+ dc: domain2
+
+ # Aliases
+ - dn: cn=postmaster@domain1,ou=aliases,ou=mail,ou=services,dc=local
+ attributes:
+ objectClass: nisMailAlias
+ cn: postmaster@domain1
+ rfc822MailMember: john.doe@domain1
+
+ - dn: cn=webmaster@domain2,ou=aliases,ou=mail,ou=services,dc=local
+ attributes:
+ objectClass: nisMailAlias
+ cn: webmaster@domain2
+ rfc822MailMember: jane.doe@domain2
+
+ldap_server_consumers:
+ - name: postfix
+ password: postfixpassword
+ - name: dovecot
+ password: dovecotpassword
+ state: present
+
+ldap_server_domain: "local"
+ldap_server_groups:
+ - name: mail
+ldap_server_organization: "Example"
+ldap_server_tls_certificate: "{{ lookup('file', 'tests/data/x509/ldap-server_ldap.cert.pem') }}"
+ldap_server_tls_key: "{{ lookup('file', 'tests/data/x509/ldap-server_ldap.key.pem') }}"
+
+# common
+ca_certificates:
+ testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}"
+
+# ldap_client
+ldap_client_config:
+ - comment: CA truststore
+ option: TLS_CACERT
+ value: /etc/ssl/certs/testca.cert.pem
+ - comment: Ensure TLS is enforced
+ option: TLS_REQCERT
+ value: demand
+ - comment: Base DN
+ option: BASE
+ value: dc=local
+ - comment: URI
+ option: URI
+ value: ldapi:///
+
+# backup_server role
+backup_host_ssh_private_keys:
+ dsa: "{{ lookup('file', 'tests/data/ssh/server_dsa') }}"
+ rsa: "{{ lookup('file', 'tests/data/ssh/server_rsa') }}"
+ ed25519: "{{ lookup('file', 'tests/data/ssh/server_ed25519') }}"
+ ecdsa: "{{ lookup('file', 'tests/data/ssh/server_ecdsa') }}"
+backup_clients:
+ - server: parameters-optional-j64
+ ip: 10.31.127.31
+ public_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional.pub') }}"
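Review bot: The `comment: Ensure TLS is enforced` entry in `ldap_client_config` overstates what `TLS_REQCERT demand` does. That option makes the client refuse a server whose certificate cannot be verified, but it does not force a TLS session. With `URI` set to `ldapi:///` this host reaches the directory over the local socket, where the setting does not apply. I would reword it to `comment: Require a verifiable server certificate whenever TLS is used`, so the fixture does not suggest that plaintext binds are ruled out. Separately, `backup_host_ssh_private_keys` still carries a `dsa` key; recent OpenSSH releases have dropped DSA host keys, so unless the backup_server role (not visible here) requires that entry it is worth removing from the test data.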