diff --git a/config.php.in b/config.php.in
index 79bf439f..49bd0b66 100644
--- a/config.php.in
+++ b/config.php.in
@@ -88,6 +88,7 @@ $config['LDAP_MAIL_ATTR'] = 'mail';
 $config['LDAP_AUDITOR_MEMBER_DN'] = '';
 $config['LDAP_ADMIN_MEMBER_DN'] = '';
 $config['LDAP_BASE_DN'] = '';
+$config['LDAP_USE_START_TLS'] = 0;
 
 // AD specific settings
 //
diff --git a/webui/system/database/ldap.php b/webui/system/database/ldap.php
index 49f30ff6..cbca32f2 100644
--- a/webui/system/database/ldap.php
+++ b/webui/system/database/ldap.php
@@ -12,6 +12,10 @@ class LDAP {
       ldap_set_option($this->link, LDAP_OPT_PROTOCOL_VERSION, 3);
       ldap_set_option($this->link, LDAP_OPT_REFERRALS, 0);
 
+      if (LDAP_USE_START_TLS == 1) {
+         ldap_start_tls($this->link);
+      }
+
       if(@ldap_bind($this->link, $binddn, $bindpw)) {
          $this->bind = 1;
       }