diff --git a/lib/ldap b/lib/ldap
index efe2f096d7..2bb8a4cc9c 100644
--- a/lib/ldap
+++ b/lib/ldap
@@ -79,7 +79,7 @@ function cleanup_ldap {
 function init_ldap {
     local keystone_ldif
 
-    TMP_LDAP_DIR=$(mktemp -d -t ldap.$$.XXXXXXXXXX)
+    local tmp_ldap_dir=$(mktemp -d -t ldap.$$.XXXXXXXXXX)
 
     # Remove data but not schemas
     clear_ldap_state
@@ -91,17 +91,17 @@ function init_ldap {
         printf "Configuring LDAP for $LDAP_BASE_DC\n"
         # If BASE_DN is changed, the user may override the default file
         if [[ -r $FILES/ldap/${LDAP_BASE_DC}.ldif.in ]]; then
-            keystone_ldif=${LDAP_BASE_DC}.ldif
+            local keystone_ldif=${LDAP_BASE_DC}.ldif
         else
-            keystone_ldif=keystone.ldif
+            local keystone_ldif=keystone.ldif
         fi
-        _ldap_varsubst $FILES/ldap/${keystone_ldif}.in >$TMP_LDAP_DIR/${keystone_ldif}
-        if [[ -r $TMP_LDAP_DIR/${keystone_ldif} ]]; then
-            ldapadd -x -w $LDAP_PASSWORD -D "$LDAP_MANAGER_DN" -H $LDAP_URL -c -f $TMP_LDAP_DIR/${keystone_ldif}
+        _ldap_varsubst $FILES/ldap/${keystone_ldif}.in >$tmp_ldap_dir/${keystone_ldif}
+        if [[ -r $tmp_ldap_dir/${keystone_ldif} ]]; then
+            ldapadd -x -w $LDAP_PASSWORD -D "$LDAP_MANAGER_DN" -H $LDAP_URL -c -f $tmp_ldap_dir/${keystone_ldif}
         fi
     fi
 
-    rm -rf TMP_LDAP_DIR
+    rm -rf $tmp_ldap_dir
 }
 
 # install_ldap
@@ -110,7 +110,7 @@ function install_ldap {
     echo "Installing LDAP inside function"
     echo "os_VENDOR is $os_VENDOR"
 
-    TMP_LDAP_DIR=$(mktemp -d -t ldap.$$.XXXXXXXXXX)
+    local tmp_ldap_dir=$(mktemp -d -t ldap.$$.XXXXXXXXXX)
 
     printf "installing OpenLDAP"
     if is_ubuntu; then
@@ -119,19 +119,19 @@ function install_ldap {
     elif is_fedora; then
         start_ldap
     elif is_suse; then
-        _ldap_varsubst $FILES/ldap/suse-base-config.ldif.in >$TMP_LDAP_DIR/suse-base-config.ldif
-        sudo slapadd -F /etc/openldap/slapd.d/ -bcn=config -l $TMP_LDAP_DIR/suse-base-config.ldif
+        _ldap_varsubst $FILES/ldap/suse-base-config.ldif.in >$tmp_ldap_dir/suse-base-config.ldif
+        sudo slapadd -F /etc/openldap/slapd.d/ -bcn=config -l $tmp_ldap_dir/suse-base-config.ldif
         sudo sed -i '/^OPENLDAP_START_LDAPI=/s/"no"/"yes"/g' /etc/sysconfig/openldap
         start_ldap
     fi
 
     echo "LDAP_PASSWORD is $LDAP_PASSWORD"
-    SLAPPASS=$(slappasswd -s $LDAP_PASSWORD)
-    printf "LDAP secret is $SLAPPASS\n"
+    local slappass=$(slappasswd -s $LDAP_PASSWORD)
+    printf "LDAP secret is $slappass\n"
 
     # Create manager.ldif and add to olcdb
-    _ldap_varsubst $FILES/ldap/manager.ldif.in >$TMP_LDAP_DIR/manager.ldif
-    sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f $TMP_LDAP_DIR/manager.ldif
+    _ldap_varsubst $FILES/ldap/manager.ldif.in >$tmp_ldap_dir/manager.ldif
+    sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f $tmp_ldap_dir/manager.ldif
 
     # On fedora we need to manually add cosine and inetorgperson schemas
     if is_fedora; then
@@ -139,7 +139,7 @@ function install_ldap {
         sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif
     fi
 
-    rm -rf TMP_LDAP_DIR
+    rm -rf $tmp_ldap_dir
 }
 
 # start_ldap() - Start LDAP