diff --git a/ansible/playbooks/adhoc-ipadns.yml b/ansible/playbooks/adhoc-ipadns.yml
index 3d35b06..ce56a73 100644
--- a/ansible/playbooks/adhoc-ipadns.yml
+++ b/ansible/playbooks/adhoc-ipadns.yml
@@ -8,7 +8,7 @@
 become: false
 gather_facts: false
 vars_files:
- - vars/encpass.yml
+ - vars/vaults/encpass.yml
 tasks:
 - name: "Checking for user variables"
diff --git a/ansible/playbooks/adhoc-ipagetkeytab.yml b/ansible/playbooks/adhoc-ipagetkeytab.yml
index 2d34d31..e610693 100644
--- a/ansible/playbooks/adhoc-ipagetkeytab.yml
+++ b/ansible/playbooks/adhoc-ipagetkeytab.yml
@@ -18,7 +18,7 @@
 become: true
 gather_facts: false
 vars_files:
- - vars/encpass.yml
+ - vars/vaults/encpass.yml
 tasks:
 - name: "Checking for user variables"
diff --git a/ansible/playbooks/adhoc-ipagroups.yml b/ansible/playbooks/adhoc-ipagroups.yml
index ec3af08..dbb751a 100644
--- a/ansible/playbooks/adhoc-ipagroups.yml
+++ b/ansible/playbooks/adhoc-ipagroups.yml
@@ -7,7 +7,7 @@
 become: false
 gather_facts: false
 vars_files:
- - vars/encpass.yml
+ - vars/vaults/encpass.yml
 tasks:
 - name: "Checking for user variables"
diff --git a/ansible/playbooks/adhoc-ipaservice.yml b/ansible/playbooks/adhoc-ipaservice.yml
index 13ba128..ec3c7fc 100644
--- a/ansible/playbooks/adhoc-ipaservice.yml
+++ b/ansible/playbooks/adhoc-ipaservice.yml
@@ -7,7 +7,7 @@
 become: false
 gather_facts: false
 vars_files:
- - vars/encpass.yml
+ - vars/vaults/encpass.yml
 tasks:
 - name: "Checking for user variables"
diff --git a/ansible/playbooks/adhoc-ipausers.yml b/ansible/playbooks/adhoc-ipausers.yml
index b85e430..4599d90 100644
--- a/ansible/playbooks/adhoc-ipausers.yml
+++ b/ansible/playbooks/adhoc-ipausers.yml
@@ -7,7 +7,7 @@
 become: false
 gather_facts: false
 vars_files:
- - vars/encpass.yml
+ - vars/vaults/encpass.yml
 tasks:
 - name: "Checking for user variables"
diff --git a/ansible/playbooks/adhoc-rabbitmqqueue.yml b/ansible/playbooks/adhoc-rabbitmqqueue.yml
index ee7aa5a..edd207a 100644
--- a/ansible/playbooks/adhoc-rabbitmqqueue.yml
+++ b/ansible/playbooks/adhoc-rabbitmqqueue.yml
@@ -22,7 +22,7 @@
 become: false
 gather_facts: false
 vars_files:
- - vars/encpass.yml
+ - vars/vaults/encpass.yml
 - vars/rabbitmq.yml
 tasks:
diff --git a/ansible/playbooks/adhoc-rabbitmquser.yml b/ansible/playbooks/adhoc-rabbitmquser.yml
index 31fb6fe..14b326b 100644
--- a/ansible/playbooks/adhoc-rabbitmquser.yml
+++ b/ansible/playbooks/adhoc-rabbitmquser.yml
@@ -8,7 +8,7 @@
 become: false
 gather_facts: false
 vars_files:
- - vars/encpass.yml
+ - vars/vaults/encpass.yml
 - vars/rabbitmq.yml
 tasks:
diff --git a/ansible/playbooks/import-rockyusers.yml b/ansible/playbooks/import-rockyusers.yml
index 3aed65d..5ee7c94 100644
--- a/ansible/playbooks/import-rockyusers.yml
+++ b/ansible/playbooks/import-rockyusers.yml
@@ -46,3 +46,25 @@
 loop: "{{ svcusers }}"
 tags:
 - users
+
+- name: "Creating bind account template - binder"
+ template:
+ src: "tmp/binder.update"
+ dest: "/tmp/binder.update"
+ owner: root
+ group: root
+ mode: '0600'
+ tags:
+ - users
+
+- name: "Adding in the bind account - binder"
+ command: "/usr/sbin/ipa-ldap-updater /tmp/binder.update"
+ register: bind_account
+ changed_when: "bind_account.rc == 0"
+ tags:
+ - users
+
+- name: "Remove template"
+ file:
+ path: "/tmp/binder.update"
+ state: absent
diff --git a/ansible/playbooks/init-rocky-ipa-internal-dns.yml b/ansible/playbooks/init-rocky-ipa-internal-dns.yml
index dba3d5d..7720216 100644
--- a/ansible/playbooks/init-rocky-ipa-internal-dns.yml
+++ b/ansible/playbooks/init-rocky-ipa-internal-dns.yml
@@ -5,9 +5,9 @@
 become: false
 gather_facts: false
 vars_files:
- - vars/encpass.yml
- - vars/rdns.yml
- - vars/fdns.yml
+ - vars/vaults/encpass.yml
+ - vars/ipa/rdns.yml
+ - vars/ipa/fdns.yml
 tasks:
 - name: "Checking for user variables"
diff --git a/ansible/playbooks/init-rocky-ipa-team.yml b/ansible/playbooks/init-rocky-ipa-team.yml
index 56fdcac..2bf1c39 100644
--- a/ansible/playbooks/init-rocky-ipa-team.yml
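Review bot: The "Remove template" task carries no `tags:` entry, unlike the two tasks above it, so a run limited with `--tags users` renders `/tmp/binder.update` with the bind password in clear text and never removes it; the same leftover file results when `ipa-ldap-updater` exits non-zero, because the cleanup task is then skipped. Moving the three tasks into a `block` whose `always:` section holds the `file: state: absent` task, and tagging the block, makes cleanup run on every path; the restructured tasks are below. The template task should also get `no_log: true`, since verbose or `--diff` output would otherwise print the rendered file including the password, and a path obtained from the `tempfile` module under a root-owned directory would be preferable to a fixed, predictable name in `/tmp`. `changed_when: "bind_account.rc == 0"` reports changed on every successful run, so the task can never show an idempotent no-op; if the updater's output distinguishes "nothing to do", key `changed_when` off that instead, otherwise say so in a comment.
```yaml
- name: "Bind account - binder"
  block:
    - name: "Creating bind account template - binder"
      template:
        # … unchanged: src/dest/owner/group/mode …
      no_log: true

    - name: "Adding in the bind account - binder"
      # … unchanged: command/register/changed_when …
  always:
    - name: "Remove template"
      file:
        path: "/tmp/binder.update"
        state: absent
  tags:
    - users
```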
+++ b/ansible/playbooks/init-rocky-ipa-team.yml
@@ -5,12 +5,12 @@
 become: false
 gather_facts: false
 vars_files:
- - vars/encpass.yml
- - vars/users.yml
- - vars/adminusers.yml
- - vars/svcusers.yml
- - vars/groups.yml
- - vars/ipaprivs.yml
+ - vars/vaults/encpass.yml
+ - vars/ipa/users.yml
+ - vars/ipa/adminusers.yml
+ - vars/ipa/svcusers.yml
+ - vars/ipa/groups.yml
+ - vars/ipa/ipaprivs.yml
 tasks:
 - name: "Checking for user variables"
diff --git a/ansible/playbooks/role-rocky-ipa-client.yml b/ansible/playbooks/role-rocky-ipa-client.yml
index 71df665..19feebb 100644
--- a/ansible/playbooks/role-rocky-ipa-client.yml
+++ b/ansible/playbooks/role-rocky-ipa-client.yml
@@ -5,8 +5,8 @@
 hosts: ipaclients
 become: true
 vars_files:
- - vars/encpass.yml
- - vars/ipaclient.yml
+ - vars/vaults/encpass.yml
+ - vars/ipa/ipaclient.yml
 pre_tasks:
 - name: Check if ansible cannot be run here
diff --git a/ansible/playbooks/role-rocky-ipa-replica.yml b/ansible/playbooks/role-rocky-ipa-replica.yml
index 6a6410f..d600c90 100644
--- a/ansible/playbooks/role-rocky-ipa-replica.yml
+++ b/ansible/playbooks/role-rocky-ipa-replica.yml
@@ -5,7 +5,7 @@
 hosts: ipareplicas
 become: true
 vars_files:
- - vars/encpass.yml
+ - vars/vaults/encpass.yml
 # This is to try to avoid the handler issue in pre/post tasks
 handlers:
diff --git a/ansible/playbooks/role-rocky-ipa.yml b/ansible/playbooks/role-rocky-ipa.yml
index 713f0a0..43feecb 100644
--- a/ansible/playbooks/role-rocky-ipa.yml
+++ b/ansible/playbooks/role-rocky-ipa.yml
@@ -9,7 +9,7 @@
 hosts: ipaserver
 become: true
 vars_files:
- - vars/encpass.yml
+ - vars/vaults/encpass.yml
 # This is to try to avoid the handler issue in pre/post tasks
 handlers:
diff --git a/ansible/playbooks/role-rocky-ipsilon.yml b/ansible/playbooks/role-rocky-ipsilon.yml
index 8abd8bb..02551f8 100644
--- a/ansible/playbooks/role-rocky-ipsilon.yml
+++ b/ansible/playbooks/role-rocky-ipsilon.yml
@@ -4,7 +4,7 @@
 hosts: ipsilon
 become: true
 vars_files:
- - vars/encpass.yml
+ - vars/vaults/encpass.yml
 - vars/ipsilon.yml
 # This is to try to avoid the handler issue in pre/post tasks
diff --git a/ansible/playbooks/role-rocky-kojihub.yml b/ansible/playbooks/role-rocky-kojihub.yml
index 4174a72..989d311 100644
--- a/ansible/playbooks/role-rocky-kojihub.yml
+++ b/ansible/playbooks/role-rocky-kojihub.yml
@@ -4,7 +4,7 @@
 hosts: kojihub
 become: true
 vars_files:
- - vars/encpass.yml
+ - vars/vaults/encpass.yml
 - vars/kojihub.yml
 # This is to try to avoid the handler issue in pre/post tasks
diff --git a/ansible/playbooks/role-rocky-mqtt.yml b/ansible/playbooks/role-rocky-mqtt.yml
index 03e5aec..e7972ff 100644
--- a/ansible/playbooks/role-rocky-mqtt.yml
+++ b/ansible/playbooks/role-rocky-mqtt.yml
@@ -4,7 +4,7 @@
 hosts: kojihub
 become: true
 vars_files:
- - vars/encpass.yml
+ - vars/vaults/encpass.yml
 - vars/mqtt.yml
 # This is to try to avoid the handler issue in pre/post tasks
diff --git a/ansible/playbooks/role-rocky-rabbitmq.yml b/ansible/playbooks/role-rocky-rabbitmq.yml
index 82064af..7df3bb4 100644
--- a/ansible/playbooks/role-rocky-rabbitmq.yml
+++ b/ansible/playbooks/role-rocky-rabbitmq.yml
@@ -5,7 +5,7 @@
 become: true
 vars_files:
 - vars/common.yml
- - vars/encpass.yml
+ - vars/vaults/encpass.yml
 - vars/rabbitmq.yml
 # This is to try to avoid the handler issue in pre/post tasks
diff --git a/ansible/playbooks/templates/tmp/binder.update b/ansible/playbooks/templates/tmp/binder.update
new file mode 100644
index 0000000..aaab225
--- /dev/null
+++ b/ansible/playbooks/templates/tmp/binder.update
@@ -0,0 +1,7 @@
+dn: uid=binder,cn=sysaccounts,cn=etc,dc=rockylinux,dc=org
+add:objectclass:account
+add:objectclass:simplesecurityobject
+add:uid:binder
+add:userPassword:{{ ipa_binder_password }}
+add:passwordExpirationTime:20380119031407Z
+add:nsIdleTimeout:0
diff --git a/ansible/playbooks/vars/common.yml b/ansible/playbooks/vars/common.yml
index aac6209..98fd358 100644
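Review bot: The new update file says nothing about where it is consumed or why the bind account is exempt from rotation: `add:passwordExpirationTime:20380119031407Z` pushes expiry out to 2038, so no password-policy rotation will ever apply to this service account, and `add:nsIdleTimeout:0` appears to switch off the idle disconnect for its connections. Assuming the update-file parser skips `#` lines, add a header such as `# Rendered by import-rockyusers.yml; the password comes from the vaulted ipa_binder_password, rotate it there and re-run that play` and `# Expiry is fixed far in the future on purpose: rotation is driven from the vault, not by LDAP password policy`. Because `{{ ipa_binder_password }}` is interpolated verbatim into the `add:userPassword:` line, a vault value containing a newline would split the record; the header comment should state that the value must be a single line.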
--- a/ansible/playbooks/vars/common.yml
+++ b/ansible/playbooks/vars/common.yml
@@ -6,4 +6,4 @@ rocky_ldap_account_basedn: "cn=accounts,dc=rockylinux,dc=org"
 # Requires jinja 2.9+
 rocky_ipaserver_list: "{{ groups['ipaserver'] + groups['ipareplicas'] }}"
 # This will need to be vaulted
-rocky_ldap_bind_pw: "ThisIsNotThePassword!"
+# rocky_ldap_bind_pw: "ThisIsNotThePassword!"
diff --git a/ansible/playbooks/vars/adminusers.yml b/ansible/playbooks/vars/ipa/adminusers.yml
similarity index 100%
rename from ansible/playbooks/vars/adminusers.yml
rename to ansible/playbooks/vars/ipa/adminusers.yml
diff --git a/ansible/playbooks/vars/fdns.yml b/ansible/playbooks/vars/ipa/fdns.yml
similarity index 100%
rename from ansible/playbooks/vars/fdns.yml
rename to ansible/playbooks/vars/ipa/fdns.yml
diff --git a/ansible/playbooks/vars/groups.yml b/ansible/playbooks/vars/ipa/groups.yml
similarity index 100%
rename from ansible/playbooks/vars/groups.yml
rename to ansible/playbooks/vars/ipa/groups.yml
diff --git a/ansible/playbooks/vars/ipaclient.yml b/ansible/playbooks/vars/ipa/ipaclient.yml
similarity index 100%
rename from ansible/playbooks/vars/ipaclient.yml
rename to ansible/playbooks/vars/ipa/ipaclient.yml
diff --git a/ansible/playbooks/vars/ipaprivs.yml b/ansible/playbooks/vars/ipa/ipaprivs.yml
similarity index 100%
rename from ansible/playbooks/vars/ipaprivs.yml
rename to ansible/playbooks/vars/ipa/ipaprivs.yml
diff --git a/ansible/playbooks/vars/ipaserver.yml b/ansible/playbooks/vars/ipa/ipaserver.yml
similarity index 100%
rename from ansible/playbooks/vars/ipaserver.yml
rename to ansible/playbooks/vars/ipa/ipaserver.yml
diff --git a/ansible/playbooks/vars/rdns.yml b/ansible/playbooks/vars/ipa/rdns.yml
similarity index 100%
rename from ansible/playbooks/vars/rdns.yml
rename to ansible/playbooks/vars/ipa/rdns.yml
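Review bot: Commenting out `rocky_ldap_bind_pw` leaves the variable undefined for every play that loads common.yml (role-rocky-rabbitmq.yml in this diff), and the vault hunk adds `ipa_binder_password` rather than a vaulted `rocky_ldap_bind_pw`, so any role or template that reads `rocky_ldap_bind_pw` will now fail with an undefined-variable error unless it is defined somewhere outside this diff. If the binder account is the bind identity those consumers use, point the variable at the vault instead of commenting it out, `rocky_ldap_bind_pw: "{{ ipa_binder_password }}"`, and drop the `# This will need to be vaulted` line, which no longer describes anything. The commented-out placeholder value should go as well; a dead example secret in a vars file only invites someone to uncomment it.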
diff --git a/ansible/playbooks/vars/sudorules.yml b/ansible/playbooks/vars/ipa/sudorules.yml
similarity index 100%
rename from ansible/playbooks/vars/sudorules.yml
rename to ansible/playbooks/vars/ipa/sudorules.yml
diff --git a/ansible/playbooks/vars/svcusers.yml b/ansible/playbooks/vars/ipa/svcusers.yml
similarity index 100%
rename from ansible/playbooks/vars/svcusers.yml
rename to ansible/playbooks/vars/ipa/svcusers.yml
diff --git a/ansible/playbooks/vars/users.yml b/ansible/playbooks/vars/ipa/users.yml
similarity index 100%
rename from ansible/playbooks/vars/users.yml
rename to ansible/playbooks/vars/ipa/users.yml
diff --git a/ansible/playbooks/vars/encpass.yml b/ansible/playbooks/vars/vaults/encpass.yml
similarity index 89%
rename from ansible/playbooks/vars/encpass.yml
rename to ansible/playbooks/vars/vaults/encpass.yml
index 7b43fdd..6d7cd0f 100644
--- a/ansible/playbooks/vars/encpass.yml
+++ b/ansible/playbooks/vars/vaults/encpass.yml
@@ -10,6 +10,9 @@ ipaadmin_password: !vault |
 ipadm_password: !vault |
 $ANSIBLE_VAULT;1.1;AES256
 REDACTED
+ipa_binder_password: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ REDACTED
 ipsilon_db_password: !vault |
 $ANSIBLE_VAULT;1.1;AES256
 REDACTED
diff --git a/ansible/playbooks/vars/rabbitmq_production.yml b/ansible/playbooks/vars/vaults/rabbitmq_production.yml
similarity index 100%
rename from ansible/playbooks/vars/rabbitmq_production.yml
rename to ansible/playbooks/vars/vaults/rabbitmq_production.yml
diff --git a/ansible/playbooks/vars/rabbitmq_staging.yml b/ansible/playbooks/vars/vaults/rabbitmq_staging.yml
similarity index 100%
rename from ansible/playbooks/vars/rabbitmq_staging.yml
rename to ansible/playbooks/vars/vaults/rabbitmq_staging.yml
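Review bot: Adding `ipa_binder_password` to this single vault means every playbook in the diff that lists `vars/vaults/encpass.yml` (the RabbitMQ adhoc plays and the kojihub/mqtt/ipsilon roles included) decrypts the IPA admin, binder and ipsilon database secrets into its variable scope, whether or not the play needs them. A per-service split under `vars/vaults/` (the directory this commit creates) would keep each play's blast radius to the secrets it actually uses, and would let different vault ids protect the admin credential and the bind-only credential. At minimum a one-line comment above the new entry, `# Bind-only LDAP service account; rendered into templates/tmp/binder.update by import-rockyusers.yml`, records which play owns the value.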