diff --git a/initial_install/roles/freeipa_client/tasks/main.yml b/initial_install/roles/freeipa_client/tasks/main.yml
index ec1e085..aec4b64 100644
--- a/initial_install/roles/freeipa_client/tasks/main.yml
+++ b/initial_install/roles/freeipa_client/tasks/main.yml
@@ -34,6 +34,16 @@
   no_log: false
   when: not ipa_client_conf.stat.exists
 
+- name: Prioritize SSS over local accounts in NSS
+  ansible.builtin.lineinfile:
+    path: /etc/nsswitch.conf
+    regexp: '^{{ item }}:'
+    line: '{{ item }}: sss files systemd'
+  loop:
+    - passwd
+    - group
+  notify: Restart SSSD
+
 - name: Enable mkhomedir
   ansible.builtin.command:
     argv: