diff --git a/README.md b/README.md
index 0045416..90a5ed6 100644
--- a/README.md
+++ b/README.md
@@ -17,9 +17,13 @@ bindpwd - from group variables
 file : default account.csv csv file containing user to create:
 
 ```csv
-org,firstname,lastname,email,password
+org,firstname,lastname,email,[password]
 ```
 
+password field optionnal - if empty will be generated automatically - WIP
+
+keep the final comma, though !
+
 Dependencies
 ------------
 
diff --git a/tasks/ldap_user_inc.yml b/tasks/ldap_user_inc.yml
index 9ea03cc..5d1465d 100644
--- a/tasks/ldap_user_inc.yml
+++ b/tasks/ldap_user_inc.yml
@@ -1,19 +1,12 @@
 ---
-  - name: add ldap ou
-    community.general.ldap_entry:
-      dn: "ou={{ org }},{{ ldap_base }}"
-      bind_dn: "{{ binddn }}"
-      bind_pw: "{{ bindpwd }}"
-      objectClass:
-       - organizationalUnit
-       - top
-
-  - name: add ldap account
-    vars:
+  - name: set vars
+    ansible.builtin.set_fact:
       firstname: "{{ item.firstname }}"
       lastname: "{{ item.lastname }}"
       email: "{{ item.email }}"
-      password: "{{ (item.password=='')| ternary(lookup('community.general.random_string', min_lower=1, min_upper=1, min_special=1, min_numeric=1, length=14), item.password ) }}"
+      password: "{{ (item.password=='')| ternary(lookup('community.general.random_string', min_lower=1, min_upper=1, special=false,min_numeric=1, length=14), item.password ) }}"
+
+  - name: "add ldap account {{ item.firstname }}"
     community.general.ldap_entry:
       bind_dn: "{{ binddn }}"
       bind_pw: "{{ bindpwd }}"
@@ -31,3 +24,9 @@
         PreferredDeliveryMethod: any
         displayName: "{{ firstname }} {{ lastname }}"
         userPassword: "{{ password }}"
+    register: result
+
+  - name: display
+    debug:
+      msg: "{{ firstname }} created with password >{{ password }}<"
+    when: result.changed
diff --git a/tasks/main.yml b/tasks/main.yml
index 50cbee1..683cb4b 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -8,6 +8,15 @@
     tags: always
     when: binddn is not defined
 
+  - name: add ldap ou
+    community.general.ldap_entry:
+      dn: "ou={{ org }},{{ ldap_base }}"
+      bind_dn: "{{ binddn }}"
+      bind_pw: "{{ bindpwd }}"
+      objectClass:
+       - organizationalUnit
+       - top
+
   - name: read csv file
     community.general.read_csv:
       path: '{{ file|default( "account.csv" ) }}'
@@ -18,3 +27,4 @@
     loop: "{{ users.list }}"
 
 
+