diff --git a/Changelog.md b/Changelog.md
index a336318f..16febb92 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -5,6 +5,7 @@ This file only reflects the changes that are made in the the docker image. Pleas
 **latest**
 - added `SMTP_TLS` configuration parameter
 - gitlab: upgrade to CE v.7.12.0
+- added `OAUTH_AUTO_LINK_LDAP_USER` configuration parameter
 **7.11.4-1**
 - base image update to fix SSL vulnerability
diff --git a/README.md b/README.md
index 94be4b53..8c8c7cb1 100644
--- a/README.md
+++ b/README.md
@@ -780,6 +780,7 @@ Below is the complete list of available options that can be used to customize yo
 - **LDAP_USER_FILTER**: Filter LDAP users. No default.
 - **OAUTH_ALLOW_SSO**: This allows users to login without having a user account first. User accounts will be created automatically when authentication was successful. Defaults to `false`.
 - **OAUTH_BLOCK_AUTO_CREATED_USERS**: Locks down those users until they have been cleared by the admin. Defaults to `true`.
+- **OAUTH_AUTO_LINK_LDAP_USER**: Look up new users in LDAP servers. If a match is found (same uid), automatically link the omniauth identity with the LDAP account. Defaults to `false`.
 - **OAUTH_GOOGLE_API_KEY**: Google App Client ID. No defaults.
 - **OAUTH_GOOGLE_APP_SECRET**: Google App Client Secret. No defaults.
 - **OAUTH_GOOGLE_RESTRICT_DOMAIN**: Google App restricted domain. No defaults.
diff --git a/assets/config/gitlabhq/gitlab.yml b/assets/config/gitlabhq/gitlab.yml
index 88f2e1e6..09b66e65 100644
--- a/assets/config/gitlabhq/gitlab.yml
+++ b/assets/config/gitlabhq/gitlab.yml
@@ -198,7 +198,7 @@ production: &base
 block_auto_created_users: {{OAUTH_BLOCK_AUTO_CREATED_USERS}}
 # Look up new users in LDAP servers. If a match is found (same uid), automatically
 # link the omniauth identity with the LDAP account. (default: false)
- auto_link_ldap_user: false
+ auto_link_ldap_user: {{OAUTH_AUTO_LINK_LDAP_USER}}
 ## Auth providers
 # Uncomment the following lines and fill in the data of the auth provider you want to use
diff --git a/entrypoint.sh b/entrypoint.sh
index c22d13f1..2e753029 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -110,6 +110,7 @@ GITLAB_GRAVATAR_HTTPS_URL=${GITLAB_GRAVATAR_HTTPS_URL:-}
 OAUTH_ALLOW_SSO=${OAUTH_ALLOW_SSO:-false}
 OAUTH_BLOCK_AUTO_CREATED_USERS=${OAUTH_BLOCK_AUTO_CREATED_USERS:-true}
+OAUTH_AUTO_LINK_LDAP_USER=${OAUTH_AUTO_LINK_LDAP_USER:-false}
 OAUTH_GOOGLE_API_KEY=${OAUTH_GOOGLE_API_KEY:-}
 OAUTH_GOOGLE_APP_SECRET=${OAUTH_GOOGLE_APP_SECRET:-}
@@ -579,6 +580,7 @@ OAUTH_ENABLED=${OAUTH_ENABLED:-false}
 sudo -u ${GITLAB_USER} -H sed 's/{{OAUTH_ENABLED}}/'"${OAUTH_ENABLED}"'/' -i config/gitlab.yml
 sudo -u ${GITLAB_USER} -H sed 's/{{OAUTH_ALLOW_SSO}}/'"${OAUTH_ALLOW_SSO}"'/' -i config/gitlab.yml
 sudo -u ${GITLAB_USER} -H sed 's/{{OAUTH_BLOCK_AUTO_CREATED_USERS}}/'"${OAUTH_BLOCK_AUTO_CREATED_USERS}"'/' -i config/gitlab.yml
+sudo -u ${GITLAB_USER} -H sed 's/{{OAUTH_AUTO_LINK_LDAP_USER}}/'"${OAUTH_AUTO_LINK_LDAP_USER}"'/' -i config/gitlab.yml
 # configure nginx vhost
 sed 's,{{GITLAB_INSTALL_DIR}},'"${GITLAB_INSTALL_DIR}"',g' -i /etc/nginx/sites-enabled/gitlab
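Review bot: The comment kept above `auto_link_ldap_user` in the gitlab.yml hunk explains only the mechanism (a uid match links the omniauth identity to the LDAP account); now that operators can switch the setting on through an environment variable, it should also state the trust requirement. Because linking is decided by uid equality alone, as the comment describes, the setting appears safe only when every enabled OAuth provider is trusted to assert uids from the same namespace as the directory. I would add a line under the existing comment such as `# Enable only if every configured omniauth provider is trusted to assert uids that match LDAP.` The `(default: false)` wording stays accurate, since entrypoint.sh defaults the variable to `false`.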
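Review bot: The added `sed` line in the second entrypoint.sh hunk writes `${OAUTH_AUTO_LINK_LDAP_USER}` into gitlab.yml without checking that it is `true` or `false`. A typo, or a value containing `/` or `&`, would either break the sed expression or put a non-boolean into a setting that governs account linking. A guard ahead of the substitution makes the failure explicit: `case "${OAUTH_AUTO_LINK_LDAP_USER}" in true|false) ;; *) echo "OAUTH_AUTO_LINK_LDAP_USER must be true or false" >&2; exit 1 ;; esac`. The neighbouring OAUTH_* substitutions visible in the hunk follow the same unvalidated pattern, and the script continues outside the hunk on both sides.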