diff --git a/README.md b/README.md
index eddd15c60e770f77793a4bf05d5da7c559dc4674..fe2ba3e80fab1b5eb2fb35130cb71ae3e503be00 100644
--- a/README.md
+++ b/README.md
@@ -5,6 +5,8 @@ Ansible playbook to configure servers on the GPN:
 
 - configure samba so that the interfaces created by docker are not broadcasted to AD and DNS
 
+- Adds csi user to servers
+
 
 This playbook should be applied on all nodes on the GPN (and only on the GPN).
 As we use a static inventory for the GPN machines, this playbook uses the "all" group.
@@ -15,8 +17,8 @@ WARNING! Be sure to run this playbook on the proper inventory!
 Requirements
 ------------
 
-- ansible >= 2.4
-- molecule >= 2.6
+- ansible >= 2.7
+- molecule >= 2.19
 
 License
 -------
diff --git a/group_vars/all b/group_vars/all
new file mode 100644
index 0000000000000000000000000000000000000000..83a5e99406fdf0705b540a9f215790f6c2fe9f83
--- /dev/null
+++ b/group_vars/all
@@ -0,0 +1,7 @@
+---
+sudoers_user_list:
+  - name: csi  #ansible user
+    nopasswd: true
+localusers:
+  - name: csi
+localusers_per_user_groups : true
diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py
index b69186480411d374dc800b1cb774a352d788f0bc..93087e053d26e651824e7298bc16237be4906c8e 100644
--- a/molecule/default/tests/test_default.py
+++ b/molecule/default/tests/test_default.py
@@ -18,3 +18,14 @@ def test_route_interfaces(host):
 def test_route_exist(host):
     cmd = host.run("/usr/sbin/ip route list")
     assert "172.30.0.0" in cmd.stdout
+
+
+def test_sudoers_files(host):
+    with host.sudo():
+        assert host.file("/etc/sudoers.d/csi").content_string == "csi ALL=(ALL) NOPASSWD:ALL"
+
+
+def test_sudo_with_csi(host):
+    with host.sudo("csi"):
+        cmd = host.run("sudo ls")
+    assert cmd.rc == 0
diff --git a/playbook.yml b/playbook.yml
index 92496d89c9132a032ad1f25ca93e1d5cce84410e..8987205ed966771c405dea80927b8dcab1760edb 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -4,3 +4,5 @@
   roles:
     - role: ics-ans-role-samba-interfaces
     - role: ics-ans-role-lab-route
+    - role: ics-ans-role-localusers
+    - role: ics-ans-role-sudoers
diff --git a/roles/requirements.yml b/roles/requirements.yml
index c036b3f216f589b80287fcd66aed10c78da9c6ac..9155ee5862109a884134c32abf0952e4a2a766d2 100644
--- a/roles/requirements.yml
+++ b/roles/requirements.yml
@@ -3,3 +3,7 @@
   version: v0.1.0
 - src: git+https://gitlab.esss.lu.se/ics-ansible-galaxy/ics-ans-role-lab-route.git
   version: v0.1.3
+- src: git+https://gitlab.esss.lu.se/ics-ansible-galaxy/ics-ans-role-localusers.git
+  version: v1.0.0
+- src: git+https://gitlab.esss.lu.se/ics-ansible-galaxy/ics-ans-role-sudoers.git
+  version: v0.1.0