diff --git a/roles/nscd/defaults/main.yml b/roles/nscd/defaults/main.yml
new file mode 100644
index 0000000..c66e185
--- /dev/null
+++ b/roles/nscd/defaults/main.yml
@@ -0,0 +1,41 @@
+---
+
+nscd_config_file: /etc/nscd.conf
+
+nscd_config_password_enable_cache: true
+nscd_config_password_positive_ttl_seconds: 300
+nscd_config_password_negative_ttl_seconds: 10
+nscd_config_password_suggested_size: 221
+nscd_config_password_check_files: true
+nscd_config_password_persistent: true
+nscd_config_password_shared: true
+nscd_config_password_max_db_size_bytes: 33554432
+nscd_config_password_auto_propagate: yes
+
+nscd_config_group_enable_cache: true
+nscd_config_group_positive_ttl_seconds: 900
+nscd_config_group_negative_ttl_seconds: 30
+nscd_config_group_suggested_size: 221
+nscd_config_group_check_files: true
+nscd_config_group_persistent: true
+nscd_config_group_shared: true
+nscd_config_group_max_db_size_bytes: 33554432
+nscd_config_group_auto_propagate: yes
+
+nscd_config_hosts_enable_cache: true
+nscd_config_hosts_positive_ttl_seconds: 1800
+nscd_config_hosts_negative_ttl_seconds: 60
+nscd_config_hosts_suggested_size: 221
+nscd_config_hosts_check_files: true
+nscd_config_hosts_persistent: true
+nscd_config_hosts_shared: true
+nscd_config_hosts_max_db_size_bytes: 33554432
+
+nscd_config_services_enable_cache: true
+nscd_config_services_positive_ttl_seconds: 28800
+nscd_config_services_negative_ttl_seconds: 20
+nscd_config_services_suggested_size: 221
+nscd_config_services_check_files: true
+nscd_config_services_persistent: true
+nscd_config_services_shared: true
+nscd_config_services_max_db_size_bytes: 33554432
diff --git a/roles/nscd/tasks/main.yml b/roles/nscd/tasks/main.yml
new file mode 100644
index 0000000..6ec449b
--- /dev/null
+++ b/roles/nscd/tasks/main.yml
@@ -0,0 +1,27 @@
+---
+
+- name: Make sure nscd is installed
+  apt:
+    name: "{{ nscd_apt_package_name }}"
+    state: present
+  when: ansible_facts['pkg_mgr'] == 'apt'
+
+- name: Ensure nscd is configured
+  template:
+    src: nscd.conf.j2
+    dest: "{{ nscd_config_file }}"
+    owner: root
+    group: root
+    mode: "0640"
+
+- name: Ensure systemd service is enabled
+  systemd:
+    service: "{{ nscd_systemd_service_name }}"
+    enabled: true
+  when: ansible_facts['service_mgr'] == 'systemd'
+
+- name: Ensure systemd service is started
+  systemd:
+    service: "{{ nscd_systemd_service_name }}"
+    state: started
+  when: ansible_facts['service_mgr'] == 'systemd'
diff --git a/roles/nscd/templates/nscd.conf.j2 b/roles/nscd/templates/nscd.conf.j2
new file mode 100644
index 0000000..b881726
--- /dev/null
+++ b/roles/nscd/templates/nscd.conf.j2
@@ -0,0 +1,41 @@
+#logfile	/var/log/nscd.log
+#threads	4
+#max-threads	32
+
+enable-cache		passwd	{{ nscd_config_passwd_auto_propagate | ternary('yes', 'no') }}
+positive-time-to-live	passwd	{{ nscd_config_passwd_positive_ttl_seconds }}
+negative-time-to-live	passwd	{{ nscd_config_passwd_negative_ttl_seconds }}
+suggested-size		passwd	{{ nscd_config_passwd_suggested_size }}
+check-files		passwd	{{ nscd_config_passwd_check_files | ternary('yes', 'no') }}
+persistent		passwd	{{ nscd_config_passwd_persistent | ternary('yes', 'no') }}
+shared			passwd	{{ nscd_config_passwd_shared | ternary('yes', 'no') }}
+max-db-size		passwd	{{ nscd_config_passwd_max_db_size_bytes }}
+auto-propagate		passwd	{{ nscd_config_passwd_auto_propagate | ternary('yes', 'no') }}
+
+enable-cache		group	{{ nscd_config_group_auto_propagate | ternary('yes', 'no') }}
+positive-time-to-live	group	{{ nscd_config_group_positive_ttl_seconds }}
+negative-time-to-live	group	{{ nscd_config_group_negative_ttl_seconds }}
+suggested-size		group	{{ nscd_config_group_suggested_size }}
+check-files		group	{{ nscd_config_group_check_files | ternary('yes', 'no') }}
+persistent		group	{{ nscd_config_group_persistent | ternary('yes', 'no') }}
+shared			group	{{ nscd_config_group_shared | ternary('yes', 'no') }}
+max-db-size		group	{{ nscd_config_group_max_db_size_bytes }}
+auto-propagate		group	{{ nscd_config_group_auto_propagate | ternary('yes', 'no') }}
+
+enable-cache		hosts	{{ nscd_config_hosts_auto_propagate | ternary('yes', 'no') }}
+positive-time-to-live	hosts	{{ nscd_config_hosts_positive_ttl_seconds }}
+negative-time-to-live	hosts	{{ nscd_config_hosts_negative_ttl_seconds }}
+suggested-size		hosts	{{ nscd_config_hosts_suggested_size }}
+check-files		hosts	{{ nscd_config_hosts_check_files | ternary('yes', 'no') }}
+persistent		hosts	{{ nscd_config_hosts_persistent | ternary('yes', 'no') }}
+shared			hosts	{{ nscd_config_hosts_shared | ternary('yes', 'no') }}
+max-db-size		hosts	{{ nscd_config_hosts_max_db_size_bytes }}
+
+enable-cache		services	{{ nscd_config_services_auto_propagate | ternary('yes', 'no') }}
+positive-time-to-live	services	{{ nscd_config_services_positive_ttl_seconds }}
+negative-time-to-live	services	{{ nscd_config_services_negative_ttl_seconds }}
+suggested-size		services	{{ nscd_config_services_suggested_size }}
+check-files		services	{{ nscd_config_services_check_files | ternary('yes', 'no') }}
+persistent		services	{{ nscd_config_services_persistent | ternary('yes', 'no') }}
+shared			services	{{ nscd_config_services_shared | ternary('yes', 'no') }}
+max-db-size		services	{{ nscd_config_services_max_db_size_bytes }}
diff --git a/roles/nscd/vars/main.yml b/roles/nscd/vars/main.yml
new file mode 100644
index 0000000..07b2eca
--- /dev/null
+++ b/roles/nscd/vars/main.yml
@@ -0,0 +1,4 @@
+---
+
+nscd_apt_package_name: nscd
+nscd_systemd_service_name: nscd.service