diff --git a/CHANGES.md b/CHANGES.md
index 200a489edf98aee124bc020e5bfe96acd968d13f..7cddbb144197bda7df5ea460f5a5376f303dc211 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -4,6 +4,10 @@ moodle-auth_ldap_syncplus
 Changes
 -------
 
+### Unreleased
+
+* 2018-02-07 - Add forgotten sync_roles task definition
+
 ### v3.4-r1
 
 * 2018-02-07 - Adopt code changes in Moodle 3.4 core auth_ldap: Assign arbitrary system roles via LDAP sync.
diff --git a/classes/task/sync_roles.php b/classes/task/sync_roles.php
new file mode 100644
index 0000000000000000000000000000000000000000..2902544ce74e1b2551808c62b7fb60bcc20309e6
--- /dev/null
+++ b/classes/task/sync_roles.php
@@ -0,0 +1,63 @@
+<?php
+// This file is part of Moodle - http://moodle.org/
+//
+// Moodle is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Moodle is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
+
+/**
+ * Auth plugin "LDAP SyncPlus" - Task definition
+ *
+ * @package    auth_ldap_syncplus
+ * @copyright  2014 Alexander Bias, Ulm University <alexander.bias@uni-ulm.de>
+ * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ */
+
+namespace auth_ldap_syncplus\task;
+
+defined('MOODLE_INTERNAL') || die;
+
+/**
+ * The auth_ldap_syncplus scheduled task class for LDAP roles sync
+ *
+ * @package    auth_ldap_syncplus
+ * @copyright  2014 Alexander Bias, Ulm University <alexander.bias@uni-ulm.de>
+ * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ */
+class sync_roles extends \core\task\scheduled_task {
+
+    /**
+     * Return localised task name.
+     *
+     * @return string
+     */
+    public function get_name() {
+        return get_string('syncroles', 'auth_ldap_syncplus');
+    }
+
+    /**
+     * Execute scheduled task
+     *
+     * @return boolean
+     */
+    public function execute() {
+        global $DB;
+        if (is_enabled_auth('ldap_syncplus')) {
+            $auth = get_auth_plugin('ldap_syncplus');
+            $users = $DB->get_records('user', array('auth' => 'ldap_syncplus'));
+            foreach ($users as $user) {
+                $auth->sync_roles($user);
+            }
+        }
+    }
+
+}