diff --git a/files/sssd.conf b/files/sssd.conf
index 7f555f99ffdad6961ca791cf4c534cdd9baeb356..de0e8b3ad81d7fcc2b88a1052ec52e9c9fbef359 100644
--- a/files/sssd.conf
+++ b/files/sssd.conf
@@ -29,7 +29,7 @@ ldap_schema = rfc2307
 ldap_account_expire_policy = shadow
 ldap_pwd_policy = shadow
 ldap_access_order = fitler, expire
-ldap_user_ssh_public_key = sshAuthorizedKey
+ldap_user_ssh_public_key = sshPublicKey
 auth_provider = krb5
 chpass_provider = krb5
 cache_credentials = true
diff --git a/site.yml b/site.yml
index 044f8db19403bb974695cb8d0a272753a0cfd10d..911881f0ad80583561f5e45cc3e5d33549de0ea4 100644
--- a/site.yml
+++ b/site.yml
@@ -69,7 +69,7 @@
       regexp: tcp_listen_port
     notify: restart auditd
   - name: Get supraadmin SSH keys
-    shell: ldapsearch -H ldapi:// -Y EXTERNAL -QLLL -o ldif-wrap=no -b ou=People,dc=teckids,dc=org memberOf=cn=supraadmin,ou=Groups,dc=teckids,dc=org sshAuthorizedKey | grep sshAuthorizedKey | cut -d" " -f2-4
+    shell: ldapsearch -H ldapi:// -Y EXTERNAL -QLLL -o ldif-wrap=no -b ou=People,dc=teckids,dc=org memberOf=cn=supraadmin,ou=Groups,dc=teckids,dc=org sshPublicKey | grep sshPublicKey | cut -d" " -f2-4
     register: supraadminkeys
   - name: Get DNS key for dehydrated
     fetch: src=/etc/dehydrated/acme.key dest=tmp/ flat=yes