diff --git a/config/default.toml b/config/default.toml
index 44f91166..13315fa5 100644
--- a/config/default.toml
+++ b/config/default.toml
@@ -121,6 +121,9 @@ filter="(|(username={{username}})(mail={{username}}))"
 #Username field in LDAP (uid/cn/username)
 uidTag="username"
 passwordresetlink=""
+# Use a different user to bind LDAP (final bind DN will be: {{uidTag}}={{bindUser}},{{baseDN}})
+bindUser=""
+bindPassword=""
 
 [postfixbounce]
 # Enable to allow writing Postfix bounce log to Mailtrain listener
diff --git a/lib/passport.js b/lib/passport.js
index 04ef20ac..1ddd3bca 100644
--- a/lib/passport.js
+++ b/lib/passport.js
@@ -85,7 +85,9 @@ if (config.ldap.enabled && LdapStrategy) {
             attributes: [config.ldap.uidTag, 'mail'],
             scope: 'sub'
         },
-        uidTag: config.ldap.uidTag
+        uidTag: config.ldap.uidTag,
+        bindUser: config.ldap.bindUser,
+        bindPassword: config.ldap.bindPassword
     };
 
     passport.use(new LdapStrategy(opts, (profile, done) => {