diff --git a/arangod/CMakeLists.txt b/arangod/CMakeLists.txt
index e813470190..b7a2399243 100644
--- a/arangod/CMakeLists.txt
+++ b/arangod/CMakeLists.txt
@@ -405,6 +405,8 @@ target_link_libraries(arangoserver
   boost_boost
   boost_system
   ${SYSTEM_LIBRARIES}
+  ldap
+  lber
 )
 
 add_executable(${BIN_ARANGOD}
diff --git a/arangod/VocBase/AuthInfo.cpp b/arangod/VocBase/AuthInfo.cpp
index 708e113eac..7dfead706e 100644
--- a/arangod/VocBase/AuthInfo.cpp
+++ b/arangod/VocBase/AuthInfo.cpp
@@ -21,6 +21,8 @@
 /// @author Dr. Frank Celler
 ////////////////////////////////////////////////////////////////////////////////
 
+#define LDAP_DEPRECATED 1
+
 #include "AuthInfo.h"
 
 #include "Aql/Query.h"
@@ -40,11 +42,19 @@
 #include
 #include
 
+#include
+#include
+#include
+#include
+#include
+
+
 using namespace arangodb;
 using namespace arangodb::basics;
 using namespace arangodb::velocypack;
 using namespace arangodb::rest;
 
+
 static AuthEntry CreateAuthEntry(VPackSlice const& slice) {
   if (slice.isNone() || !slice.isObject()) {
     return AuthEntry();
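Review bot: `ldap` and `lber` are added to `target_link_libraries(arangoserver …)` as bare names with no `find_library`/`find_package` check and no build option, so every build of arangoserver now hard-requires the OpenLDAP client library and headers, and a host without them fails at link time (or at compile time in AuthInfo.cpp) with no diagnostic naming the missing dependency. Locate the library explicitly and make the feature switchable, e.g. `find_library(LDAP_LIBRARY NAMES ldap)` and `find_library(LBER_LIBRARY NAMES lber)` followed by a `message(FATAL_ERROR "OpenLDAP client library not found")` when either is missing, and link `${LDAP_LIBRARY} ${LBER_LIBRARY}` in place of the bare names. For an authentication dependency it is also worth pinning which libldap is picked up, since a bare name takes whatever is first on the linker path.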
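Review bot: `#define LDAP_DEPRECATED 1` carries no comment explaining why a macro that opts into deprecated API is set at the top of an authentication source file; presumably it is there because the OpenLDAP headers only declare `ldap_init`, `ldap_bind_s` and `ldap_perror` — the calls this commit adds further down in the same file — when it is defined. Say so, and prefer removing the cause: `ldap_initialize`, `ldap_sasl_bind_s` and `ldap_unbind_ext_s` are the supported replacements, after which the define can go. Suggested comment: `// OpenLDAP only declares ldap_init/ldap_bind_s/ldap_perror when LDAP_DEPRECATED is set; TODO move to ldap_initialize/ldap_sasl_bind_s and drop this.`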
@@ -371,6 +381,59 @@ AuthLevel AuthInfo::canUseDatabase(std::string const& username,
     reload();
   }
+  LOG_TOPIC(INFO, arangodb::Logger::FIXME) << "AuthInfo::canUseDatabase(,)";
+
+// LDAP
+
+  LDAP *ld;
+  int result;
+  int auth_method = LDAP_AUTH_SIMPLE;
+  int desired_version = LDAP_VERSION3;
+  std::string ldap_host = "ldap.forumsys.com";
+  std::string root_dn = "uid=" + username + ",dc=example,dc=com";
+  std::string root_pw = "password";
+
+/*
+OPTS = {
+  server: {
+    url: 'ldap://ldap.forumsys.com:389',
+    bindDn: 'cn=read-only-admin,dc=example,dc=com',
+    bindCredentials: 'password',
+    searchBase: 'dc=example,dc=com',
+    searchFilter: '(uid={{username}})'
+  }
+};
+*/
+
+  if ((ld = ldap_init(ldap_host.c_str(), LDAP_PORT)) == NULL ) {
+    perror( "ldap_init failed" );
+    exit( EXIT_FAILURE );
+  }
+
+  /* set the LDAP version to be 3 */
+  if (ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &desired_version) != LDAP_OPT_SUCCESS)
+  {
+    ldap_perror(ld, "ldap_set_option");
+    exit(EXIT_FAILURE);
+  }
+
+  if (ldap_bind_s(ld, root_dn.c_str(), root_pw.c_str(), auth_method) != LDAP_SUCCESS ) {
+    ldap_perror( ld, "ldap_bind" );
+    LOG_TOPIC(ERR, arangodb::Logger::FIXME) << "cant auth";
+    // exit( EXIT_FAILURE );
+  }
+
+  result = ldap_unbind_s(ld);
+
+  if (result != 0) {
+    fprintf(stderr, "ldap_unbind_s: %s\n", ldap_err2string(result));
+    // exit( EXIT_FAILURE );
+    LOG_TOPIC(INFO, arangodb:
+:Logger::FIXME) << "cant unbind";
+  }
+
+// LDAP
+
   auto const& it = _authInfo.find(username);
   if (it == _authInfo.end()) {
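Review bot: The LDAP block added to `canUseDatabase` cannot make an authentication decision and never affects the result: `root_pw` is the literal `"password"` and `ldap_host` the public demo server `"ldap.forumsys.com"`, so `ldap_bind_s(ld, root_dn.c_str(), root_pw.c_str(), auth_method)` checks a hard-coded credential rather than the caller's, and its failure branch only logs `"cant auth"` (the `exit` is commented out) before falling through to the normal `_authInfo` lookup. The paths that do fail hard are the wrong ones: `exit(EXIT_FAILURE)` after `ldap_init`/`ldap_set_option` lets an LDAP misconfiguration take the whole server down, the bind is a cleartext simple bind on `LDAP_PORT` with no TLS, and `username` is spliced unescaped into `root_dn` (DN injection unless escaped per RFC 4514). An authorization lookup is also the wrong home for a synchronous network bind; it belongs in the password-checking path, taking the server URL and base DN from configuration, failing closed, and releasing the handle on every path — sketched below as a helper. Two smaller things: `LOG_TOPIC(INFO, arangodb:` / `:Logger::FIXME)` is split across two added lines, which will not compile as shown unless that is a rendering artifact, and the INFO trace `"AuthInfo::canUseDatabase(,)"` plus the commented-out OPTS block should not ship. `canUseDatabase`'s signature and the rest of its body, including what it returns for unknown users, lie outside the hunk.
```cpp
// Bind to the LDAP server as `username` with the caller-supplied password.
// Returns true only on a successful authenticated bind; every setup failure is
// a denial, never an exit(). Server URL and base DN must come from configuration.
static bool ldapBindAs(std::string const& ldapUrl, std::string const& baseDn,
                       std::string const& username, std::string const& password) {
  if (password.empty()) {
    return false;  // an empty credential is an unauthenticated bind, which servers may accept
  }
  LDAP* raw = nullptr;
  if (ldap_initialize(&raw, ldapUrl.c_str()) != LDAP_SUCCESS || raw == nullptr) {
    return false;
  }
  auto unbind = [](LDAP* p) { ldap_unbind_ext_s(p, nullptr, nullptr); };
  std::unique_ptr<LDAP, decltype(unbind)> ld(raw, unbind);  // released on every path

  int version = LDAP_VERSION3;
  if (ldap_set_option(ld.get(), LDAP_OPT_PROTOCOL_VERSION, &version) != LDAP_OPT_SUCCESS) {
    return false;
  }
  if (ldap_start_tls_s(ld.get(), nullptr, nullptr) != LDAP_SUCCESS) {
    return false;  // never send the password over a cleartext connection (or use an ldaps:// URL)
  }

  // TODO: escape `username` per RFC 4514 before splicing it into a DN
  std::string dn = "uid=" + username + "," + baseDn;
  berval cred;
  cred.bv_val = const_cast<char*>(password.c_str());
  cred.bv_len = password.size();
  int rc = ldap_sasl_bind_s(ld.get(), dn.c_str(), LDAP_SASL_SIMPLE, &cred,
                            nullptr, nullptr, nullptr);
  if (rc != LDAP_SUCCESS) {
    LOG_TOPIC(ERR, arangodb::Logger::FIXME) << "LDAP bind failed: " << ldap_err2string(rc);
    return false;
  }
  return true;
}
```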