---
- name: Setup default sudo access
  template: src=admins.j2 dest=/etc/sudoers.d/admins owner=root group=root mode=440 #validate='visudo -cf %s'
  tags: sudo

- name: Remove old sudo file
  file: path=/etc/sudoers.d/fws state=absent
  tags: sudo

- name: Ensure sudo provider is only files in nss
  lineinfile: dest=/etc/nsswitch.conf regexp="^sudoers{{ ':' }}.+" line="sudoers{{ ':' }}    files"
  when: ad_auth | default(False)
  tags: sudo