diff --git a/src/js/client.js b/src/js/client.js
index 4bc8831c4..b30651d78 100644
--- a/src/js/client.js
+++ b/src/js/client.js
@@ -530,6 +530,24 @@ angular.module('Application').service('Client', ['$http', '$interval', 'md5', 'N
         });
     };
 
+    Client.prototype.setExternalLdapConfig = function (config, callback) {
+        post('/api/v1/settings/external_ldap_config', config, null, function (error, data, status) {
+            if (error) return callback(error);
+            if (status !== 200) return callback(new ClientError(status, data));
+
+            callback(null);
+        });
+    };
+
+    Client.prototype.getExternalLdapConfig = function (callback) {
+        get('/api/v1/settings/external_ldap_config', null, function (error, data, status) {
+            if (error) return callback(error);
+            if (status !== 200) return callback(new ClientError(status, data));
+
+            callback(null, data);
+        });
+    };
+
     Client.prototype.setDynamicDnsConfig = function (enabled, callback) {
         post('/api/v1/settings/dynamic_dns', { enabled: enabled }, null, function (error, data, status) {
             if (error) return callback(error);
diff --git a/src/views/settings.html b/src/views/settings.html
index b689a7505..b54659a9f 100644
--- a/src/views/settings.html
+++ b/src/views/settings.html
@@ -287,7 +287,7 @@
           <label>
             <input type="checkbox" ng-model="unstableApps.enabled">Enable unstable app listing</input>
           </label>
-          </div>
+        </div>
       </div>
     </div>
 
diff --git a/src/views/users.html b/src/views/users.html
index 03e669db3..479720e3b 100644
--- a/src/views/users.html
+++ b/src/views/users.html
@@ -392,4 +392,73 @@
           </div>
       </div>
   </div>
+
+  <div class="text-left" style="margin-top: 50px;">
+    <h3>External LDAP</h3>
+  </div>
+
+  <div class="card card-large">
+    <div class="row">
+      <div class="col-md-12">
+        <p>
+          This option allows to use an external LDAP or ActiveDirectory service for user management.
+        </p>
+
+        <div class="checkbox">
+          <label>
+            <input type="checkbox" ng-model="externalLdap.enabled">Enable external LDAP</input>
+          </label>
+        </div>
+
+        <div  uib-collapse="!externalLdap.enabled">
+          <form name="externalLdapConfigForm" role="form" novalidate ng-submit="externalLdap.submit()" autocomplete="off">
+            <fieldset>
+              <p class="has-error text-center" ng-show="externalLdap.error.generic">{{ externalLdap.error.generic }}</p>
+
+              <!-- avoid browsers to attempt an autofill for bindDN/bindPassword -->
+              <input type="password" style="display: none;">
+
+              <div class="form-group" ng-class="{ 'has-error': externalLdap.error.url }">
+                <label class="control-label" for="inputExternalLdapConfigUrl">Endpoint Url</label>
+                <input type="text" class="form-control" ng-model="externalLdap.url" id="inputExternalLdapConfigUrl" name="url" ng-disabled="externalLdap.busy" placeholder="ldaps://example.com:636" required>
+              </div>
+
+              <div class="form-group" ng-class="{ 'has-error': externalLdap.error.baseDn }">
+                <label class="control-label" for="inputExternalLdapConfigBaseDn">Base DN</label>
+                <input type="text" class="form-control" ng-model="externalLdap.baseDn" id="inputExternalLdapConfigBaseDn" name="baseDn" ng-disabled="externalLdap.busy" placeholder="ou=Users,dc=example,dc=com" required>
+              </div>
+
+              <div class="form-group" ng-class="{ 'has-error': externalLdap.error.filter }">
+                <label class="control-label" for="inputExternalLdapConfigFilter">Filter</label>
+                <input type="text" class="form-control" ng-model="externalLdap.filter" id="inputExternalLdapConfigFilter" name="filter" ng-disabled="externalLdap.busy" placeholder="(objectClass=inetOrgPerson)" required>
+              </div>
+
+              <div class="form-group" ng-class="{ 'has-error': externalLdap.error.credentials }">
+                <label class="control-label" for="inputExternalLdapConfigBindDn">Bind DN (optional)</label>
+                <input type="text" class="form-control" ng-model="externalLdap.bindDn" id="inputExternalLdapConfigBindDn" name="bindDn" ng-disabled="externalLdap.busy" placeholder="uid=admin,ou=Users,dc=example,dc=com">
+              </div>
+
+              <div class="form-group" ng-class="{ 'has-error': externalLdap.error.credentials }">
+                <label class="control-label" for="inputExternalLdapConfigBindPassword">Bind Password (optional)</label>
+                <input type="password" class="form-control" ng-model="externalLdap.bindPassword" id="inputExternalLdapConfigBindPassword" name="bindPassword" ng-disabled="externalLdap.busy" placeholder="">
+              </div>
+
+              <input class="ng-hide" type="submit" ng-disabled="externalLdapConfigForm.$invalid"/>
+            </fieldset>
+          </form>
+        </div>
+
+      </div>
+    </div>
+
+    <div class="row">
+      <div class="col-md-6">
+        <span class="text-success text-bold" ng-show="externalLdap.success">Saved</span>
+      </div>
+
+      <div class="col-md-6 text-right">
+        <button class="btn btn-outline btn-primary pull-right" ng-click="externalLdap.submit()" ng-disabled="externalLdapConfigForm.$invalid || externalLdap.busy"><i class="fa fa-circle-notch fa-spin" ng-show="externalLdap.busy"></i>  Save</button>
+      </div>
+    </div>
+  </div>
 </div>
diff --git a/src/views/users.js b/src/views/users.js
index 390ad5751..89d4ee5f9 100644
--- a/src/views/users.js
+++ b/src/views/users.js
@@ -413,6 +413,59 @@ angular.module('Application').controller('UsersController', ['$scope', '$locatio
         }
     };
 
+    $scope.externalLdap = {
+        busy: false,
+        error: {},
+        success: false,
+
+        // fields
+        enabled: false,
+        url: '',
+        baseDn: '',
+        filter: '',
+        bindDn: '',
+        bindPassword: '',
+
+        submit: function () {
+            $scope.externalLdap.busy = true;
+            $scope.externalLdap.error = {};
+            $scope.externalLdap.success = false;
+
+            var config = {
+                enabled: $scope.externalLdap.enabled,
+                url: $scope.externalLdap.url,
+                baseDn: $scope.externalLdap.baseDn,
+                filter: $scope.externalLdap.filter
+            };
+
+            if ($scope.externalLdap.bindDn) {
+                config.bindDn = $scope.externalLdap.bindDn;
+                config.bindPassword = $scope.externalLdap.bindPassword;
+            }
+
+            Client.setExternalLdapConfig(config, function (error) {
+                $scope.externalLdap.busy = false;
+
+                if (error) {
+                    console.error(error);
+                    if (error.statusCode === 424) {
+                        $scope.externalLdap.error.url = true;
+                    } else if (error.statusCode === 400 && error.message === 'invalid baseDn') {
+                        $scope.externalLdap.error.baseDn = true;
+                    } else if (error.statusCode === 400 && error.message === 'invalid filter') {
+                        $scope.externalLdap.error.filter = true;
+                    } else if (error.statusCode === 400 && error.message === 'invalid bind credentials') {
+                        $scope.externalLdap.error.credentials = true;
+                    } else {
+                        $scope.externalLdap.error.generic = error.message;
+                    }
+                } else {
+                    $scope.externalLdap.success = true;
+                }
+            });
+        }
+    };
+
     $scope.copyToClipboard = function (/*value*/) {
         document.execCommand('copy');
     };
@@ -488,6 +541,19 @@ angular.module('Application').controller('UsersController', ['$scope', '$locatio
         });
     }
 
+    function loadExternalLdapConfig() {
+        Client.getExternalLdapConfig(function (error, result) {
+            if (error) return console.error('Unable to get external ldap config.', error);
+
+            $scope.externalLdap.enabled = result.enabled;
+            $scope.externalLdap.url = result.url;
+            $scope.externalLdap.baseDn = result.baseDn;
+            $scope.externalLdap.filter = result.filter;
+            $scope.externalLdap.bindDn = result.bindDn;
+            $scope.externalLdap.bindPassword = result.bindPassword;
+        });
+    }
+
     $scope.showNextPage = function () {
         $scope.currentPage++;
         refreshUsers();
@@ -505,6 +571,7 @@ angular.module('Application').controller('UsersController', ['$scope', '$locatio
     };
 
     Client.onReady(refresh);
+    Client.onReady(loadExternalLdapConfig);
 
     // setup all the dialog focus handling
     ['userAddModal', 'userRemoveModal', 'userEditModal', 'groupAddModal', 'groupEditModal', 'groupRemoveModal'].forEach(function (id) {