diff --git a/roles/os_hardening/defaults/main.yml b/roles/os_hardening/defaults/main.yml
index 94712b75..6fce1481 100644
--- a/roles/os_hardening/defaults/main.yml
+++ b/roles/os_hardening/defaults/main.yml
@@ -499,3 +499,7 @@ os_mnt_var_tmp_passno: ""
 # keep .netrc file for users in whitelist
 os_netrc_enabled: true
 os_netrc_whitelist_user: []
+
+# Set to True to force the refresh of user facts
+# Usefull if you are calling this role in a workflow and you need {{ getent_passwd }} to be updated
+os_getent_passwd_force_sync: False
diff --git a/roles/os_hardening/tasks/user_accounts.yml b/roles/os_hardening/tasks/user_accounts.yml
index c139408f..bb4cf9e1 100644
--- a/roles/os_hardening/tasks/user_accounts.yml
+++ b/roles/os_hardening/tasks/user_accounts.yml
@@ -5,7 +5,8 @@
 # creates a dict for each user containing UID/HOMEDIR etc...
 # skip this task if getent was run before without specifying a key (single entry)
 when: getent_passwd is undefined or
- getent_passwd | length <= 1
+ getent_passwd | length <= 1 or
+ os_getent_passwd_force_sync
 - name: Read local linux shadow database
 ansible.builtin.getent:
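Review bot: The new default in roles/os_hardening/defaults/main.yml is written `False`, while `os_netrc_enabled: true` three lines above uses the lowercase form; `os_getent_passwd_force_sync: false` keeps the file consistent and avoids a yamllint truthy warning. The comment above it has a typo ("Usefull") and only says the fact gets updated, not why a caller would want that. Something like `# Useful when an earlier step of the same run created or removed accounts, so later tasks do not work from a stale getent_passwd fact` would make the intent clear, assuming that is the scenario the author has in mind.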
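Review bot: The `os_getent_passwd_force_sync` term added to the `when:` in roles/os_hardening/tasks/user_accounts.yml is a bare variable, so a value that arrives as a string (for instance from a key=value extra var) is likely to be judged by string truthiness rather than as a boolean. Writing the term as `os_getent_passwd_force_sync | bool` makes the condition independent of how the value was supplied. The comment above the condition still describes only the skip case; a line such as `# os_getent_passwd_force_sync re-reads the passwd database even when the fact is already populated` would document the new branch. The task this condition belongs to starts above the hunk, so its module arguments are not visible here.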