diff --git a/Changelog.md b/Changelog.md
index 9e7455df..07c4f093 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -5,6 +5,7 @@
 - gitlab: upgrade to CE v.7.10.0
 - init: removed ENV variables to configure *External Issue Tracker* integration
 - init: added `GITLAB_EMAIL_REPLY_TO` configuration option
+- init: added `LDAP_BLOCK_AUTO_CREATED_USERS` configuration option
 
 **7.9.4**
 - gitlab: upgrade to CE v.7.9.4
diff --git a/README.md b/README.md
index 3395a629..df08d926 100644
--- a/README.md
+++ b/README.md
@@ -763,6 +763,7 @@ Below is the complete list of available options that can be used to customize yo
 - **LDAP_PASS**: LDAP password
 - **LDAP_ACTIVE_DIRECTORY**: Specifies if LDAP server is Active Directory LDAP server. If your LDAP server is not AD, set this to `false`. Defaults to `true`,
 - **LDAP_ALLOW_USERNAME_OR_EMAIL_LOGIN**: If enabled, GitLab will ignore everything after the first '@' in the LDAP username submitted by the user on login. Defaults to `false` if `LDAP_UID` is `userPrincipalName`, else `true`.
+- **LDAP_BLOCK_AUTO_CREATED_USERS**: Locks down those users until they have been cleared by the admin. Defaults to `false`.
 - **LDAP_BASE**: Base where we can search for users. No default.
 - **LDAP_USER_FILTER**: Filter LDAP users. No default.
 - **OAUTH_ALLOW_SSO**: This allows users to login without having a user account first. User accounts will be created automatically when authentication was successful. Defaults to `false`.
diff --git a/assets/config/gitlabhq/gitlab.yml b/assets/config/gitlabhq/gitlab.yml
index 24fff7d3..77ae65e6 100644
--- a/assets/config/gitlabhq/gitlab.yml
+++ b/assets/config/gitlabhq/gitlab.yml
@@ -149,7 +149,7 @@ production: &base
 # To maintain tight control over the number of active users on your GitLab installation,
 # enable this setting to keep new users blocked until they have been cleared by the admin
 # (default: false).
- block_auto_created_users: false
+ block_auto_created_users: {{LDAP_BLOCK_AUTO_CREATED_USERS}}
 
 # Base where we can search for users
 #
diff --git a/assets/init b/assets/init
index 385d76e4..329bd135 100755
--- a/assets/init
+++ b/assets/init
@@ -93,6 +93,7 @@ LDAP_BIND_DN=${LDAP_BIND_DN:-}
 LDAP_PASS=${LDAP_PASS:-}
 LDAP_ACTIVE_DIRECTORY=${LDAP_ACTIVE_DIRECTORY:-true}
 LDAP_ALLOW_USERNAME_OR_EMAIL_LOGIN=${LDAP_ALLOW_USERNAME_OR_EMAIL_LOGIN:-}
+LDAP_BLOCK_AUTO_CREATED_USERS=${LDAP_BLOCK_AUTO_CREATED_USERS:-false}
 LDAP_BASE=${LDAP_BASE:-}
 LDAP_USER_FILTER=${LDAP_USER_FILTER:-}
 
@@ -499,6 +500,7 @@ sudo -u git -H sed 's/{{LDAP_BIND_DN}}/'"${LDAP_BIND_DN}"'/' -i config/gitlab.ym
 sudo -u git -H sed 's/{{LDAP_PASS}}/'"${LDAP_PASS}"'/' -i config/gitlab.yml
 sudo -u git -H sed 's/{{LDAP_ACTIVE_DIRECTORY}}/'"${LDAP_ACTIVE_DIRECTORY}"'/' -i config/gitlab.yml
 sudo -u git -H sed 's/{{LDAP_ALLOW_USERNAME_OR_EMAIL_LOGIN}}/'"${LDAP_ALLOW_USERNAME_OR_EMAIL_LOGIN}"'/' -i config/gitlab.yml
+sudo -u git -H sed 's/{{LDAP_BLOCK_AUTO_CREATED_USERS}}/'"${LDAP_BLOCK_AUTO_CREATED_USERS}"'/' -i config/gitlab.yml
 sudo -u git -H sed 's/{{LDAP_BASE}}/'"${LDAP_BASE}"'/' -i config/gitlab.yml
 sudo -u git -H sed 's/{{LDAP_USER_FILTER}}/'"${LDAP_USER_FILTER}"'/' -i config/gitlab.yml
 
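Review bot: The new line `block_auto_created_users: {{LDAP_BLOCK_AUTO_CREATED_USERS}}` renders the value as a bare YAML scalar, so the parser rather than the operator decides its type: an input such as `0` or a misspelt `ture` would load as a non-boolean instead of `true`/`false`, and how GitLab treats such a value is not visible here. Because this setting gates whether auto-created LDAP accounts are usable before an admin clears them, the comment above it should state where the value comes from and what is accepted, for example `# Rendered from LDAP_BLOCK_AUTO_CREATED_USERS by assets/init; must be true or false.` The enclosing LDAP server block starts and ends outside the hunk.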
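Review bot: `LDAP_BLOCK_AUTO_CREATED_USERS` is taken as given at the added assignment, with no check that it is `true` or `false`, although it ends up deciding whether new LDAP accounts wait for admin approval. A guard right after the assignment would reject typos at container start instead of rendering them into the config: `case "${LDAP_BLOCK_AUTO_CREATED_USERS}" in true|false) ;; *) echo "LDAP_BLOCK_AUTO_CREATED_USERS must be true or false" >&2; exit 1 ;; esac`. The same check also covers the added `sed` line in the `@@ -499,6 +500,7 @@` hunk, where the value is spliced into the sed expression unescaped and a `/` or `&` in it would alter or break the substitution. The surrounding variable block and the rest of the script lie outside both hunks.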