diff --git a/roles/nextcloud/defaults/main.yml b/roles/nextcloud/defaults/main.yml
index 5327a8a10..1dc0835bd 100644
--- a/roles/nextcloud/defaults/main.yml
+++ b/roles/nextcloud/defaults/main.yml
@@ -12,6 +12,8 @@ nextcloud_dbname: nextcloud
 nextcloud_dbhost: localhost
 nextcloud_dbuser: nextcloud
 nextcloud_dbpassword: nextcloudmysql
+nextcloud_user: nextcloud
+nextcloud_user_password: nextcloudmysql
 
 nextcloud_admin_user: root
 nextcloud_admin_password: "{{ mysql_root_password }}"
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index 2b105c82c..839ed9158 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -90,15 +90,6 @@
   mysql_db: name={{ nextcloud_dbname }}
   when: mysql_enabled and nextcloud_enabled
 
-- name: Create a user to access the nextcloud database
-  mysql_user: name={{ nextcloud_dbuser }} host={{ item }} password={{ nextcloud_dbpassword }} priv={{ nextcloud_dbname }}.*:ALL,GRANT
-  with_items:
-        - "{{ nextcloud_dbhost }}"
-        - 127.0.0.1
-        - ::1
-        - localhost
-  when: mysql_enabled and nextcloud_enabled
-
 - name: Restart apache, so it picks up the new aliases
   service: name={{ apache_service }} state=restarted
   when: not nextcloud_enabled
diff --git a/roles/nextcloud/tasks/nextcloud_enabled.yml b/roles/nextcloud/tasks/nextcloud_enabled.yml
index 74aa94b6f..1f567f5e0 100644
--- a/roles/nextcloud/tasks/nextcloud_enabled.yml
+++ b/roles/nextcloud/tasks/nextcloud_enabled.yml
@@ -1,5 +1,4 @@
- # This should go in computed_network.yml, but here for now
-
+ # This should go in computed_network.yml, but here for now 
 - name: Compute nextcloud listen ip addr for nextcloud.conf
   set_fact:
      nextcloud_required_ip: "{{ ansible_default_ipv4.network }}/{{ ansible_default_ipv4.netmask }}"
@@ -29,12 +28,12 @@
 
 # the install wizard does not succeed if already installed
 - name: Determine if nextcloud is installed
-  command: >
-         php {{ nextcloud_prefix }}/nextcloud/occ status |
-         grep installed | wc | cut -f' ' -d1
+  shell: >
+         sudo -u {{ apache_user }} php 
+         '{{ nextcloud_prefix }}/nextcloud/occ' status | 
+         grep installed | wc | cut -d' ' -f1
   register: returned_count
 
-
 - name: Run nextcloud initial install wizard
   shell: >
          cd {{ nextcloud_prefix }}/nextcloud;
@@ -47,6 +46,23 @@
          --admin-pass "{{ mysql_root_password }}"  
   when: nextcloud_enabled and returned_count == "0"
 
+- name: Determine if nextcloud user exists already
+  shell: >
+         sudo -u {{ apache_user }} php 
+         '{{ nextcloud_prefix }}/nextcloud/occ' user:list | 
+         grep {{ nextcloud_user }} | wc | cut -d' ' -f1
+  register: returned_count
+
+# nextcloud wants to make users rather than just mysql users and not done
+- name: create the default user
+  shell: >
+        su -s /bin/sh {{ apache_user }} -c 
+        'OC_PASS={{ nextcloud_user_password }};
+        php {{ nextcloud_prefix }}/nextcloud/occ user:add
+        --password-from-env --display-name={{ nextcloud_user }}
+        --group="users" {{ nextcloud_user }}'
+  when: nextcloud_enabled and returned_count == "0"
+
 - name: Remove Rewrite URL
   lineinfile: regexp='overwrite.cli.url'
               state=absent