diff --git a/src/ldap.js b/src/ldap.js
index 633e8f2ba..4610bff59 100644
--- a/src/ldap.js
+++ b/src/ldap.js
@@ -190,7 +190,8 @@ async function groupSearch(req, res, next) {
 
     const results = [];
 
-    const groups = [{
+    // those are the old virtual groups for backwards compat
+    const virtualGroups = [{
         name: 'users',
         admin: false
     }, {
@@ -198,7 +199,7 @@ async function groupSearch(req, res, next) {
         admin: true
     }];
 
-    groups.forEach(function (group) {
+    virtualGroups.forEach(function (group) {
         const dn = ldap.parseDN('cn=' + group.name + ',ou=groups,dc=cloudron');
         const members = group.admin ? result.filter(function (user) { return users.compareRoles(user.role, users.ROLE_ADMIN) >= 0; }) : result;
 
@@ -220,6 +221,33 @@ async function groupSearch(req, res, next) {
         }
     });
 
+    const [errorGroups, resultGroups] = await safe(groups.listWithMembers());
+    if (errorGroups) return next(new ldap.OperationsError(errorGroups.toString()));
+
+    resultGroups.forEach(function (group) {
+        console.log('----', group)
+
+        const dn = ldap.parseDN('cn=' + group.name + ',ou=groups,dc=cloudron');
+        const members = [];
+
+        const obj = {
+            dn: dn.toString(),
+            attributes: {
+                objectclass: ['group'],
+                cn: group.name,
+                memberuid: members.map(function(entry) { return entry.id; })
+            }
+        };
+
+        // ensure all filter values are also lowercase
+        const lowerCaseFilter = safe(function () { return ldap.parseFilter(req.filter.toString().toLowerCase()); }, null);
+        if (!lowerCaseFilter) return next(new ldap.OperationsError(safe.error.toString()));
+
+        if ((req.dn.equals(dn) || req.dn.parentOf(dn)) && lowerCaseFilter.matches(obj.attributes)) {
+            results.push(obj);
+        }
+    });
+
     finalSend(results, req, res, next);
 }