diff --git a/ansible/playbooks/tasks/gitlab-reconfigure.yml b/ansible/playbooks/tasks/gitlab-reconfigure.yml
index 3520168..c5a4a96 100644
--- a/ansible/playbooks/tasks/gitlab-reconfigure.yml
+++ b/ansible/playbooks/tasks/gitlab-reconfigure.yml
@@ -58,6 +58,7 @@
 loop:
 - httpd_can_network_connect
 - httpd_can_network_relay
+ - httpd_can_connect_ldap
 - httpd_read_user_content
 - name: Change fcontext to GitLab unix socket for nginx
diff --git a/ansible/playbooks/vars/common.yml b/ansible/playbooks/vars/common.yml
index b73c759..f51631c 100644
--- a/ansible/playbooks/vars/common.yml
+++ b/ansible/playbooks/vars/common.yml
@@ -5,5 +5,6 @@ rocky_ldap_group_basedn: "cn=groups,cn=accounts,dc=rockylinux,dc=org"
 rocky_ldap_account_basedn: "cn=accounts,dc=rockylinux,dc=org"
 # Requires jinja 2.9+
 rocky_ipaserver_list: "{{ groups['ipaserver'] + groups['ipareplicas'] }}"
+rocky_ipaserver_lb: "ipa-lb.rockylinux.org"
 # This will need to be vaulted
 rocky_ldap_bind_pw: "{{ ipa_binder_password }}"
diff --git a/ansible/playbooks/vars/gitlab.yml b/ansible/playbooks/vars/gitlab.yml
index 2529b2f..dc6e7c1 100644
--- a/ansible/playbooks/vars/gitlab.yml
+++ b/ansible/playbooks/vars/gitlab.yml
@@ -21,7 +21,7 @@ gitlab_ssl_key: "/etc/nginx/ssl/{{ gitlab_domain }}.key"
 # LDAP Configuration
 gitlab_ldap_enabled: "true"
-gitlab_ldap_host: "{{ rocky_ipaserver_list[0] }}"
+gitlab_ldap_host: "{{ rocky_ipaserver_lb }}"
 gitlab_ldap_port: "389"
 gitlab_ldap_uid: "uid"
 gitlab_ldap_method: "start_tls"
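Review bot: The loop in gitlab-reconfigure.yml already enables `httpd_can_network_connect`, which as far as I know lets the httpd domain open outbound TCP connections to any port, so the added `httpd_can_connect_ldap` probably grants nothing new while the broad boolean stays on. If LDAP and the existing relay are the only egress GitLab's web tier needs, consider whether the narrow booleans can replace the broad one instead of accumulating alongside it. A short comment next to the new entry, e.g. `# LDAP auth against IPA (389/tcp, StartTLS)`, would record why it is there. The task that consumes this loop starts above the hunk, so its module and persistence options are not visible here.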
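Review bot: In vars/gitlab.yml `gitlab_ldap_host` now points at the load-balancer name while `gitlab_ldap_method` stays `start_tls` on port 389, so each IPA backend behind the balancer must present a certificate that carries `ipa-lb.rockylinux.org` as a subject alternative name, otherwise hostname verification fails. Nothing in the visible hunks shows that the certificates were reissued, so please confirm this before merging, and keep GitLab's `verify_certificates` enabled rather than relaxing it to make the balancer work. A comment above the changed line, e.g. `# LB name must be in the IPA LDAP certificate SANs`, would document the dependency. The same comment would help on the hard-coded `rocky_ipaserver_lb` added in vars/common.yml.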