diff --git a/src/main/scala/app/IndexController.scala b/src/main/scala/app/IndexController.scala
index 2f5f689..a71c1a1 100644
--- a/src/main/scala/app/IndexController.scala
+++ b/src/main/scala/app/IndexController.scala
@@ -56,6 +56,11 @@
     session.setAttribute(Keys.Session.LoginAccount, account)
     updateLastLoginDate(account.userName)
 
+    if(AccountUtil.hasLdapDummyMailAddress(account)) {
+      session.remove(Keys.Session.Redirect)
+      redirect("/" + account.userName + "/_edit")
+    }
+
     session.getAndRemove[String](Keys.Session.Redirect).map { redirectUrl =>
       if(redirectUrl.replaceFirst("/$", "") == request.getContextPath){
         redirect("/")
diff --git a/src/main/scala/app/SystemSettingsController.scala b/src/main/scala/app/SystemSettingsController.scala
index d6dd787..b9707c0 100644
--- a/src/main/scala/app/SystemSettingsController.scala
+++ b/src/main/scala/app/SystemSettingsController.scala
@@ -7,7 +7,7 @@
 import org.scalatra.FlashMapSupport
 
 class SystemSettingsController extends SystemSettingsControllerBase
-  with SystemSettingsService with AccountService with AdminAuthenticator
+with SystemSettingsService with AccountService with AdminAuthenticator
 
 trait SystemSettingsControllerBase extends ControllerBase with FlashMapSupport {
   self: SystemSettingsService with AccountService with AdminAuthenticator =>
@@ -17,26 +17,28 @@
     "gravatar"                 -> trim(label("Gravatar", boolean())),
     "notification"             -> trim(label("Notification", boolean())),
     "smtp"                     -> optionalIfNotChecked("notification", mapping(
-        "host"                     -> trim(label("SMTP Host", text(required))),
-        "port"                     -> trim(label("SMTP Port", optional(number()))),
-        "user"                     -> trim(label("SMTP User", optional(text()))),
-        "password"                 -> trim(label("SMTP Password", optional(text()))),
-        "ssl"                      -> trim(label("Enable SSL", optional(boolean()))),
-        "fromAddress"              -> trim(label("FROM Address", optional(text()))),
-        "fromName"                 -> trim(label("FROM Name", optional(text())))
+      "host"                     -> trim(label("SMTP Host", text(required))),
+      "port"                     -> trim(label("SMTP Port", optional(number()))),
+      "user"                     -> trim(label("SMTP User", optional(text()))),
+      "password"                 -> trim(label("SMTP Password", optional(text()))),
+      "ssl"                      -> trim(label("Enable SSL", optional(boolean()))),
+      "fromAddress"              -> trim(label("FROM Address", optional(text()))),
+      "fromName"                 -> trim(label("FROM Name", optional(text())))
     )(Smtp.apply)),
     "ldapAuthentication"       -> trim(label("LDAP", boolean())),
     "ldap"                     -> optionalIfNotChecked("ldapAuthentication", mapping(
-        "host"                     -> trim(label("LDAP host", text(required))),
-        "port"                     -> trim(label("LDAP port", optional(number()))),
-        "bindDN"                   -> trim(label("Bind DN", optional(text()))),
-        "bindPassword"             -> trim(label("Bind Password", optional(text()))),
-        "baseDN"                   -> trim(label("Base DN", text(required))),
-        "userNameAttribute"        -> trim(label("User name attribute", text(required))),
-        "fullNameAttribute"        -> trim(label("Full name attribute", optional(text()))),
-        "mailAttribute"            -> trim(label("Mail address attribute", text(required))),
-        "tls"                      -> trim(label("Enable TLS", optional(boolean()))),
-        "keystore"                 -> trim(label("Keystore", optional(text())))
+      "host"                     -> trim(label("LDAP host", text(required))),
+      "port"                     -> trim(label("LDAP port", optional(number()))),
+      "bindDN"                   -> trim(label("Bind DN", optional(text()))),
+      "bindPassword"             -> trim(label("Bind Password", optional(text()))),
+      "baseDN"                   -> trim(label("Base DN", text(required))),
+      "userNameAttribute"        -> trim(label("User name attribute", text(required))),
+      "additionalFilterCondition"-> trim(label("Additional filter condition", optional(text()))),
+      "fullNameAttribute"        -> trim(label("Full name attribute", optional(text()))),
+      "mailAttribute"            -> trim(label("Mail address attribute", text(required))),
+      "disableMailResolve"       -> trim(label("Disable Mail Resolve", optional(boolean()))),
+      "tls"                      -> trim(label("Enable TLS", optional(boolean()))),
+      "keystore"                 -> trim(label("Keystore", optional(text())))
     )(Ldap.apply))
   )(SystemSettings.apply)
 
diff --git a/src/main/scala/service/AccountService.scala b/src/main/scala/service/AccountService.scala
index 84e78a1..54a705e 100644
--- a/src/main/scala/service/AccountService.scala
+++ b/src/main/scala/service/AccountService.scala
@@ -39,7 +39,13 @@
       case Right(ldapUserInfo) => {
         // Create or update account by LDAP information
         getAccountByUserName(userName, true) match {
-          case Some(x) if(!x.isRemoved) => updateAccount(x.copy(mailAddress = ldapUserInfo.mailAddress, fullName = ldapUserInfo.fullName))
+          case Some(x) if(!x.isRemoved) => {
+            if(settings.ldap.get.disableMailResolve.getOrElse(false)) {
+              updateAccount(x.copy(fullName = ldapUserInfo.fullName))
+            } else {
+              updateAccount(x.copy(mailAddress = ldapUserInfo.mailAddress, fullName = ldapUserInfo.fullName))
+            }
+          }
           case Some(x) if(x.isRemoved)  => {
             logger.info(s"LDAP Authentication Failed: Account is already registered but disabled..")
             defaultAuthentication(userName, password)
diff --git a/src/main/scala/service/SystemSettingsService.scala b/src/main/scala/service/SystemSettingsService.scala
index 5514cbe..8d1e82c 100644
--- a/src/main/scala/service/SystemSettingsService.scala
+++ b/src/main/scala/service/SystemSettingsService.scala
@@ -31,8 +31,10 @@
           ldap.bindPassword.foreach(x => props.setProperty(LdapBindPassword, x))
           props.setProperty(LdapBaseDN, ldap.baseDN)
           props.setProperty(LdapUserNameAttribute, ldap.userNameAttribute)
+          ldap.additionalFilterCondition.foreach(x => props.setProperty(LdapAdditionalFilterCondition, x))
           ldap.fullNameAttribute.foreach(x => props.setProperty(LdapFullNameAttribute, x))
           props.setProperty(LdapMailAddressAttribute, ldap.mailAttribute)
+          ldap.disableMailResolve.foreach(x => props.setProperty(LdapDisableMailResolve, x.toString))
           ldap.tls.foreach(x => props.setProperty(LdapTls, x.toString))
           ldap.keystore.foreach(x => props.setProperty(LdapKeystore, x))
         }
@@ -72,8 +74,10 @@
             getOptionValue(props, LdapBindPassword, None),
             getValue(props, LdapBaseDN, ""),
             getValue(props, LdapUserNameAttribute, ""),
+            getOptionValue(props, LdapAdditionalFilterCondition, None),
             getOptionValue(props, LdapFullNameAttribute, None),
             getValue(props, LdapMailAddressAttribute, ""),
+            getOptionValue[Boolean](props, LdapDisableMailResolve, None),
             getOptionValue[Boolean](props, LdapTls, None),
             getOptionValue(props, LdapKeystore, None)))
         } else {
@@ -89,33 +93,35 @@
   import scala.reflect.ClassTag
 
   case class SystemSettings(
-    allowAccountRegistration: Boolean,
-    gravatar: Boolean,
-    notification: Boolean,
-    smtp: Option[Smtp],
-    ldapAuthentication: Boolean,
-    ldap: Option[Ldap])
+                             allowAccountRegistration: Boolean,
+                             gravatar: Boolean,
+                             notification: Boolean,
+                             smtp: Option[Smtp],
+                             ldapAuthentication: Boolean,
+                             ldap: Option[Ldap])
 
   case class Ldap(
-    host: String,
-    port: Option[Int],
-    bindDN: Option[String],
-    bindPassword: Option[String],
-    baseDN: String,
-    userNameAttribute: String,
-    fullNameAttribute: Option[String],
-    mailAttribute: String,
-    tls: Option[Boolean],
-    keystore: Option[String])
+                   host: String,
+                   port: Option[Int],
+                   bindDN: Option[String],
+                   bindPassword: Option[String],
+                   baseDN: String,
+                   userNameAttribute: String,
+                   additionalFilterCondition: Option[String],
+                   fullNameAttribute: Option[String],
+                   mailAttribute: String,
+                   disableMailResolve: Option[Boolean],
+                   tls: Option[Boolean],
+                   keystore: Option[String])
 
   case class Smtp(
-    host: String,
-    port: Option[Int],
-    user: Option[String],
-    password: Option[String],
-    ssl: Option[Boolean],
-    fromAddress: Option[String],
-    fromName: Option[String])
+                   host: String,
+                   port: Option[Int],
+                   user: Option[String],
+                   password: Option[String],
+                   ssl: Option[Boolean],
+                   fromAddress: Option[String],
+                   fromName: Option[String])
 
   val DefaultSmtpPort = 25
   val DefaultLdapPort = 389
@@ -137,8 +143,10 @@
   private val LdapBindPassword = "ldap.bind_password"
   private val LdapBaseDN = "ldap.baseDN"
   private val LdapUserNameAttribute = "ldap.username_attribute"
+  private val LdapAdditionalFilterCondition = "ldap.additional_filter_condition"
   private val LdapFullNameAttribute = "ldap.fullname_attribute"
   private val LdapMailAddressAttribute = "ldap.mail_attribute"
+  private val LdapDisableMailResolve = "ldap.disable_mail_resolve"
   private val LdapTls = "ldap.tls"
   private val LdapKeystore = "ldap.keystore"
 
diff --git a/src/main/scala/util/AccountUtil.scala b/src/main/scala/util/AccountUtil.scala
new file mode 100644
index 0000000..e6da429
--- /dev/null
+++ b/src/main/scala/util/AccountUtil.scala
@@ -0,0 +1,18 @@
+package util
+
+import model.Account
+
+/**
+ * Utility for account model.
+ */
+object AccountUtil {
+  private val LDAP_DUMMY_MAL = "@ldap-devnull"
+
+  def hasLdapDummyMailAddress(account: Account): Boolean = {
+    account.mailAddress.endsWith(LDAP_DUMMY_MAL)
+  }
+
+  def getLdapDummyMailAddress(userName: String): String = {
+    userName + LDAP_DUMMY_MAL
+  }
+}
diff --git a/src/main/scala/util/LDAPUtil.scala b/src/main/scala/util/LDAPUtil.scala
index 05a7171..e0d42ad 100644
--- a/src/main/scala/util/LDAPUtil.scala
+++ b/src/main/scala/util/LDAPUtil.scala
@@ -30,7 +30,7 @@
       keystore = ldapSettings.keystore.getOrElse(""),
       error    = "System LDAP authentication failed."
     ){ conn =>
-      findUser(conn, userName, ldapSettings.baseDN, ldapSettings.userNameAttribute) match {
+      findUser(conn, userName, ldapSettings.baseDN, ldapSettings.userNameAttribute, ldapSettings.additionalFilterCondition) match {
         case Some(userDN) => userAuthentication(ldapSettings, userDN, userName, password)
         case None         => Left("User does not exist.")
       }
@@ -47,20 +47,29 @@
       keystore = ldapSettings.keystore.getOrElse(""),
       error    = "User LDAP Authentication Failed."
     ){ conn =>
-      findMailAddress(conn, userDN, ldapSettings.mailAttribute) match {
-        case Some(mailAddress) => Right(LDAPUserInfo(
+      if(ldapSettings.disableMailResolve.getOrElse(false)) {
+        Right(LDAPUserInfo(
           userName    = userName,
           fullName    = ldapSettings.fullNameAttribute.flatMap { fullNameAttribute =>
             findFullName(conn, userDN, fullNameAttribute)
           }.getOrElse(userName),
-          mailAddress = mailAddress))
-        case None => Left("Can't find mail address.")
+          mailAddress = AccountUtil.getLdapDummyMailAddress(userName)))
+      } else {
+        findMailAddress(conn, userDN, ldapSettings.mailAttribute) match {
+          case Some(mailAddress) => Right(LDAPUserInfo(
+            userName    = userName,
+            fullName    = ldapSettings.fullNameAttribute.flatMap { fullNameAttribute =>
+              findFullName(conn, userDN, fullNameAttribute)
+            }.getOrElse(userName),
+            mailAddress = mailAddress))
+          case None => Left("Can't find mail address.")
+        }
       }
     }
   }
 
   private def bind[A](host: String, port: Int, dn: String, password: String, tls: Boolean, keystore: String, error: String)
-                  (f: LDAPConnection => Either[String, A]): Either[String, A] = {
+                     (f: LDAPConnection => Either[String, A]): Either[String, A] = {
     if (tls) {
       // Dynamically set Sun as the security provider
       Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider())
@@ -105,7 +114,7 @@
   /**
    * Search a specified user and returns userDN if exists.
    */
-  private def findUser(conn: LDAPConnection, userName: String, baseDN: String, userNameAttribute: String): Option[String] = {
+  private def findUser(conn: LDAPConnection, userName: String, baseDN: String, userNameAttribute: String, additionalFilterCondition: Option[String]): Option[String] = {
     @tailrec
     def getEntries(results: LDAPSearchResults, entries: List[Option[LDAPEntry]] = Nil): List[LDAPEntry] = {
       if(results.hasMore){
@@ -118,7 +127,13 @@
         entries.flatten
       }
     }
-    getEntries(conn.search(baseDN, LDAPConnection.SCOPE_SUB, userNameAttribute + "=" + userName, null, false)).collectFirst {
+
+    val filterCond = additionalFilterCondition.getOrElse("") match {
+      case "" => userNameAttribute + "=" + userName
+      case x => "(&(" + x + ")(" + userNameAttribute + "=" + userName + "))"
+    }
+
+    getEntries(conn.search(baseDN, LDAPConnection.SCOPE_SUB, filterCond, null, false)).collectFirst {
       case x => x.getDN
     }
   }
diff --git a/src/main/scala/util/Notifier.scala b/src/main/scala/util/Notifier.scala
index 21dfce6..d7e13a7 100644
--- a/src/main/scala/util/Notifier.scala
+++ b/src/main/scala/util/Notifier.scala
@@ -27,7 +27,7 @@
     )
     .distinct
     .withFilter ( _ != context.loginAccount.get.userName )	// the operation in person is excluded
-    .foreach ( getAccountByUserName(_) filterNot (_.isGroupAccount) foreach (x => notify(x.mailAddress)) )
+    .foreach ( getAccountByUserName(_) filterNot (_.isGroupAccount) filterNot (AccountUtil.hasLdapDummyMailAddress(_)) foreach (x => notify(x.mailAddress)) )
 
 }
 
diff --git a/src/main/twirl/account/edit.scala.html b/src/main/twirl/account/edit.scala.html
index 5213ddc..670411d 100644
--- a/src/main/twirl/account/edit.scala.html
+++ b/src/main/twirl/account/edit.scala.html
@@ -1,13 +1,17 @@
 @(account: Option[model.Account], info: Option[Any])(implicit context: app.Context)
 @import context._
 @import view.helpers._
+@import util.AccountUtil
 @html.main((if(account.isDefined) "Edit your profile" else "Create your account")){
+@helper.html.information(info)
+  @if(account.isDefined && AccountUtil.hasLdapDummyMailAddress(account.get)) {
+    <div class="alert alert-danger">Please register your mail address.</div>
+  }
   @if(account.isDefined){
     <h3>Edit your profile</h3>
   } else {
     <h3>Create your account</h3>
   }
-  @helper.html.information(info)
   <form action="@if(account.isDefined){@url(account.get.userName)/_edit}else{@path/register}" method="POST" validate="true">
     <div class="row-fluid">
       <div class="span6">
@@ -38,7 +42,7 @@
         </fieldset>
         <fieldset>
           <label for="mailAddress" class="strong">Mail Address:</label>
-          <input type="text" name="mailAddress" id="mailAddress" value="@account.map(_.mailAddress)"/>
+          <input type="text" name="mailAddress" id="mailAddress" value="@if(account.isDefined && !AccountUtil.hasLdapDummyMailAddress(account.get)){@account.map(_.mailAddress)}"/>
           <span id="error-mailAddress" class="error"></span>
         </fieldset>
         <fieldset>
@@ -60,7 +64,9 @@
           <a href="@path/@account.get.userName/_delete" class="btn btn-danger" id="delete">Delete account</a>
         </div>
         <input type="submit" class="btn btn-success" value="Save"/>
+        @if(!AccountUtil.hasLdapDummyMailAddress(account.get)){
         <a href="@url(account.get.userName)" class="btn">Cancel</a>
+        }
       } else {
         <input type="submit" class="btn btn-success" value="Create account"/>
       }
diff --git a/src/main/twirl/admin/system.scala.html b/src/main/twirl/admin/system.scala.html
index 1ccab70..74a1486 100644
--- a/src/main/twirl/admin/system.scala.html
+++ b/src/main/twirl/admin/system.scala.html
@@ -3,191 +3,205 @@
 @import util.Directory._
 @import view.helpers._
 @html.main("System Settings"){
-  @menu("system"){
-    @helper.html.information(info)
-    <form action="@path/admin/system" method="POST" validate="true">
-      <div class="box">
+@menu("system"){
+@helper.html.information(info)
+<form action="@path/admin/system" method="POST" validate="true">
+    <div class="box">
         <div class="box-header">System Settings</div>
         <div class="box-content">
-          <!--====================================================================-->
-          <!-- GITBUCKET_HOME -->
-          <!--====================================================================-->
-          <label class="strong">GITBUCKET_HOME</label>
-          @GitBucketHome
-          <!--====================================================================-->
-          <!-- Account registration -->
-          <!--====================================================================-->
-          <hr>
-          <label class="strong">Account registration</label>
-          <fieldset>
-            <label class="radio">
-              <input type="radio" name="allowAccountRegistration" value="true"@if(settings.allowAccountRegistration){ checked}>
-              <span class="strong">Allow</span> - Users can create accounts by themselves.
-            </label>
-            <label class="radio">
-              <input type="radio" name="allowAccountRegistration" value="false"@if(!settings.allowAccountRegistration){ checked}>
-              <span class="strong">Deny</span> - Only administrators can create accounts.
-            </label>
-          </fieldset>
-          <!--====================================================================-->
-          <!-- Services -->
-          <!--====================================================================-->
-          <hr>
-          <label class="strong">Services</label>
-          <fieldset>
-            <label class="checkbox">
-              <input type="checkbox" name="gravatar"@if(settings.gravatar){ checked}/>
-              Use Gravatar for Profile-Images
-            </label>
-          </fieldset>
-          <!--====================================================================-->
-          <!-- Authentication -->
-          <!--====================================================================-->
-          <hr>
-          <label class="strong">Authentication</label>
-          <fieldset>
-            <label class="checkbox">
-              <input type="checkbox" id="ldapAuthentication" name="ldapAuthentication"@if(settings.ldap){ checked}/>
-              LDAP
-            </label>
-          </fieldset>
-          <div class="form-horizontal ldap">
-            <div class="control-group">
-              <label class="control-label" for="ldapHost">LDAP Host</label>
-              <div class="controls">
-                <input type="text" id="ldapHost" name="ldap.host" value="@settings.ldap.map(_.host)"/>
-                <span id="error-ldap_host" class="error"></span>
-              </div>
-            </div>
-            <div class="control-group">
-              <label class="control-label" for="ldapPort">LDAP Port</label>
-              <div class="controls">
-                <input type="text" id="ldapPort" name="ldap.port" class="input-mini" value="@settings.ldap.map(_.port)"/>
-                <span id="error-ldap_port" class="error"></span>
-              </div>
-            </div>
-            <div class="control-group">
-              <label class="control-label" for="ldapBindDN">Bind DN</label>
-              <div class="controls">
-                <input type="text" id="ldapBindDN" name="ldap.bindDN" value="@settings.ldap.map(_.bindDN)"/>
-                <span id="error-ldap_bindDN" class="error"></span>
-              </div>
-            </div>
-            <div class="control-group">
-              <label class="control-label" for="ldapBindPassword">Bind Password</label>
-              <div class="controls">
-                <input type="password" id="ldapBindPassword" name="ldap.bindPassword" value="@settings.ldap.map(_.bindPassword)"/>
-                <span id="error-ldap_bindPassword" class="error"></span>
-              </div>
-            </div>
-            <div class="control-group">
-              <label class="control-label" for="ldapBaseDN">Base DN</label>
-              <div class="controls">
-                <input type="text" id="ldapBaseDN" name="ldap.baseDN" value="@settings.ldap.map(_.baseDN)"/>
-                <span id="error-ldap_baseDN" class="error"></span>
-              </div>
-            </div>
-            <div class="control-group">
-              <label class="control-label" for="ldapUserNameAttribute">User name attribute</label>
-              <div class="controls">
-                <input type="text" id="ldapUserNameAttribute" name="ldap.userNameAttribute" value="@settings.ldap.map(_.userNameAttribute)"/>
-                <span id="error-ldap_userNameAttribute" class="error"></span>
-              </div>
-            </div>
-            <div class="control-group">
-              <label class="control-label" for="ldapFullNameAttribute">Full name attribute</label>
-              <div class="controls">
-                <input type="text" id="ldapFullNameAttribute" name="ldap.fullNameAttribute" value="@settings.ldap.map(_.fullNameAttribute)"/>
-                <span id="error-ldap_fullNameAttribute" class="error"></span>
-              </div>
-            </div>
-            <div class="control-group">
-              <label class="control-label" for="ldapMailAttribute">Mail address attribute</label>
-              <div class="controls">
-                <input type="text" id="ldapMailAttribute" name="ldap.mailAttribute" value="@settings.ldap.map(_.mailAttribute)"/>
-                <span id="error-ldap_mailAttribute" class="error"></span>
-              </div>
-            </div>
-            <div class="control-group">
-              <div class="controls">
-                <label class="checkbox">
-                  <input type="checkbox" name="ldap.tls"@if(settings.ldap.flatMap(_.tls).getOrElse(false)){ checked}/> Enable TLS
+            <!--====================================================================-->
+            <!-- GITBUCKET_HOME -->
+            <!--====================================================================-->
+            <label class="strong">GITBUCKET_HOME</label>
+            @GitBucketHome
+            <!--====================================================================-->
+            <!-- Account registration -->
+            <!--====================================================================-->
+            <hr>
+            <label class="strong">Account registration</label>
+            <fieldset>
+                <label class="radio">
+                    <input type="radio" name="allowAccountRegistration" value="true"@if(settings.allowAccountRegistration){ checked}>
+                    <span class="strong">Allow</span> - Users can create accounts by themselves.
                 </label>
-              </div>
-            </div>
-            <div class="control-group">
-              <label class="control-label" for="ldapBindDN">Keystore</label>
-              <div class="controls">
-                <input type="text" id="ldapKeystore" name="ldap.keystore" value="@settings.ldap.map(_.keystore)"/>
-                <span id="error-ldap_keystore" class="error"></span>
-              </div>
-            </div>
-          </div>
-          <!--====================================================================-->
-          <!-- Notification email -->
-          <!--====================================================================-->
-          <hr>
-          <label class="strong">Notification email</label>
-          <fieldset>
-            <label class="checkbox">
-              <input type="checkbox" id="notification" name="notification"@if(settings.notification){ checked}/>
-              Send notifications
-            </label>
-          </fieldset>
-          <div class="form-horizontal notification">
-            <div class="control-group">
-              <label class="control-label" for="smtpHost">SMTP Host</label>
-              <div class="controls">
-                <input type="text" id="smtpHost" name="smtp.host" value="@settings.smtp.map(_.host)"/>
-                <span id="error-smtp_host" class="error"></span>
-              </div>
-            </div>
-            <div class="control-group">
-              <label class="control-label" for="smtpPort">SMTP Port</label>
-              <div class="controls">
-                <input type="text" id="smtpPort" name="smtp.port" class="input-mini" value="@settings.smtp.map(_.port)"/>
-                <span id="error-smtp_port" class="error"></span>
-              </div>
-            </div>
-            <div class="control-group">
-              <label class="control-label" for="smtpUser">SMTP User</label>
-              <div class="controls">
-                <input type="text" id="smtpUser" name="smtp.user" value="@settings.smtp.map(_.user)"/>
-              </div>
-            </div>
-            <div class="control-group">
-              <label class="control-label" for="smtpPassword">SMTP Password</label>
-              <div class="controls">
-                <input type="password" id="smtpPassword" name="smtp.password" value="@settings.smtp.map(_.password)"/>
-              </div>
-            </div>
-            <div class="control-group">
-              <div class="controls">
-                <label class="checkbox">
-                  <input type="checkbox" name="smtp.ssl"@if(settings.smtp.flatMap(_.ssl).getOrElse(false)){ checked}/> Enable SSL
+                <label class="radio">
+                    <input type="radio" name="allowAccountRegistration" value="false"@if(!settings.allowAccountRegistration){ checked}>
+                    <span class="strong">Deny</span> - Only administrators can create accounts.
                 </label>
-              </div>
+            </fieldset>
+            <!--====================================================================-->
+            <!-- Services -->
+            <!--====================================================================-->
+            <hr>
+            <label class="strong">Services</label>
+            <fieldset>
+                <label class="checkbox">
+                    <input type="checkbox" name="gravatar"@if(settings.gravatar){ checked}/>
+                    Use Gravatar for Profile-Images
+                </label>
+            </fieldset>
+            <!--====================================================================-->
+            <!-- Authentication -->
+            <!--====================================================================-->
+            <hr>
+            <label class="strong">Authentication</label>
+            <fieldset>
+                <label class="checkbox">
+                    <input type="checkbox" id="ldapAuthentication" name="ldapAuthentication"@if(settings.ldap){ checked}/>
+                    LDAP
+                </label>
+            </fieldset>
+            <div class="form-horizontal ldap">
+                <div class="control-group">
+                    <label class="control-label" for="ldapHost">LDAP Host</label>
+                    <div class="controls">
+                        <input type="text" id="ldapHost" name="ldap.host" value="@settings.ldap.map(_.host)"/>
+                        <span id="error-ldap_host" class="error"></span>
+                    </div>
+                </div>
+                <div class="control-group">
+                    <label class="control-label" for="ldapPort">LDAP Port</label>
+                    <div class="controls">
+                        <input type="text" id="ldapPort" name="ldap.port" class="input-mini" value="@settings.ldap.map(_.port)"/>
+                        <span id="error-ldap_port" class="error"></span>
+                    </div>
+                </div>
+                <div class="control-group">
+                    <label class="control-label" for="ldapBindDN">Bind DN</label>
+                    <div class="controls">
+                        <input type="text" id="ldapBindDN" name="ldap.bindDN" value="@settings.ldap.map(_.bindDN)"/>
+                        <span id="error-ldap_bindDN" class="error"></span>
+                    </div>
+                </div>
+                <div class="control-group">
+                    <label class="control-label" for="ldapBindPassword">Bind Password</label>
+                    <div class="controls">
+                        <input type="password" id="ldapBindPassword" name="ldap.bindPassword" value="@settings.ldap.map(_.bindPassword)"/>
+                        <span id="error-ldap_bindPassword" class="error"></span>
+                    </div>
+                </div>
+                <div class="control-group">
+                    <label class="control-label" for="ldapBaseDN">Base DN</label>
+                    <div class="controls">
+                        <input type="text" id="ldapBaseDN" name="ldap.baseDN" value="@settings.ldap.map(_.baseDN)"/>
+                        <span id="error-ldap_baseDN" class="error"></span>
+                    </div>
+                </div>
+                <div class="control-group">
+                    <label class="control-label" for="ldapUserNameAttribute">User name attribute</label>
+                    <div class="controls">
+                        <input type="text" id="ldapUserNameAttribute" name="ldap.userNameAttribute" value="@settings.ldap.map(_.userNameAttribute)"/>
+                        <span id="error-ldap_userNameAttribute" class="error"></span>
+                    </div>
+                </div>
+                <div class="control-group">
+                    <label class="control-label" for="ldapAdditionalFilterCondition">Additional filter condition</label>
+                    <div class="controls">
+                        <input type="text" id="ldapAdditionalFilterCondition" name="ldap.additionalFilterCondition" value="@settings.ldap.map(_.additionalFilterCondition)"/>
+                        <span id="error-ldap_additionalFilterCondition" class="error"></span>
+                    </div>
+                </div>
+                <div class="control-group">
+                    <label class="control-label" for="ldapFullNameAttribute">Full name attribute</label>
+                    <div class="controls">
+                        <input type="text" id="ldapFullNameAttribute" name="ldap.fullNameAttribute" value="@settings.ldap.map(_.fullNameAttribute)"/>
+                        <span id="error-ldap_fullNameAttribute" class="error"></span>
+                    </div>
+                </div>
+                <div class="control-group">
+                    <label class="control-label" for="ldapMailAttribute">Mail address attribute</label>
+                    <div class="controls">
+                        <input type="text" id="ldapMailAttribute" name="ldap.mailAttribute" value="@settings.ldap.map(_.mailAttribute)"/>
+                        <span id="error-ldap_mailAttribute" class="error"></span>
+                    </div>
+                </div>
+                <div class="control-group">
+                    <div class="controls">
+                        <label class="checkbox">
+                            <input type="checkbox" name="ldap.disableMailResolve"@if(settings.ldap.flatMap(_.disableMailResolve).getOrElse(false)){ checked}/> Disable Mail Resolve
+                        </label>
+                    </div>
+                </div>
+                <div class="control-group">
+                    <div class="controls">
+                        <label class="checkbox">
+                            <input type="checkbox" name="ldap.tls"@if(settings.ldap.flatMap(_.tls).getOrElse(false)){ checked}/> Enable TLS
+                        </label>
+                    </div>
+                </div>
+                <div class="control-group">
+                    <label class="control-label" for="ldapBindDN">Keystore</label>
+                    <div class="controls">
+                        <input type="text" id="ldapKeystore" name="ldap.keystore" value="@settings.ldap.map(_.keystore)"/>
+                        <span id="error-ldap_keystore" class="error"></span>
+                    </div>
+                </div>
             </div>
-            <div class="control-group">
-              <label class="control-label" for="fromAddress">FROM Address</label>
-              <div class="controls">
-                <input type="text" id="fromAddress" name="smtp.fromAddress" value="@settings.smtp.map(_.fromAddress)"/>
-              </div>
+            <!--====================================================================-->
+            <!-- Notification email -->
+            <!--====================================================================-->
+            <hr>
+            <label class="strong">Notification email</label>
+            <fieldset>
+                <label class="checkbox">
+                    <input type="checkbox" id="notification" name="notification"@if(settings.notification){ checked}/>
+                    Send notifications
+                </label>
+            </fieldset>
+            <div class="form-horizontal notification">
+                <div class="control-group">
+                    <label class="control-label" for="smtpHost">SMTP Host</label>
+                    <div class="controls">
+                        <input type="text" id="smtpHost" name="smtp.host" value="@settings.smtp.map(_.host)"/>
+                        <span id="error-smtp_host" class="error"></span>
+                    </div>
+                </div>
+                <div class="control-group">
+                    <label class="control-label" for="smtpPort">SMTP Port</label>
+                    <div class="controls">
+                        <input type="text" id="smtpPort" name="smtp.port" class="input-mini" value="@settings.smtp.map(_.port)"/>
+                        <span id="error-smtp_port" class="error"></span>
+                    </div>
+                </div>
+                <div class="control-group">
+                    <label class="control-label" for="smtpUser">SMTP User</label>
+                    <div class="controls">
+                        <input type="text" id="smtpUser" name="smtp.user" value="@settings.smtp.map(_.user)"/>
+                    </div>
+                </div>
+                <div class="control-group">
+                    <label class="control-label" for="smtpPassword">SMTP Password</label>
+                    <div class="controls">
+                        <input type="password" id="smtpPassword" name="smtp.password" value="@settings.smtp.map(_.password)"/>
+                    </div>
+                </div>
+                <div class="control-group">
+                    <div class="controls">
+                        <label class="checkbox">
+                            <input type="checkbox" name="smtp.ssl"@if(settings.smtp.flatMap(_.ssl).getOrElse(false)){ checked}/> Enable SSL
+                        </label>
+                    </div>
+                </div>
+                <div class="control-group">
+                    <label class="control-label" for="fromAddress">FROM Address</label>
+                    <div class="controls">
+                        <input type="text" id="fromAddress" name="smtp.fromAddress" value="@settings.smtp.map(_.fromAddress)"/>
+                    </div>
+                </div>
+                <div class="control-group">
+                    <label class="control-label" for="fromName">FROM Name</label>
+                    <div class="controls">
+                        <input type="text" id="fromName" name="smtp.fromName" value="@settings.smtp.map(_.fromName)"/>
+                    </div>
+                </div>
             </div>
-            <div class="control-group">
-              <label class="control-label" for="fromName">FROM Name</label>
-              <div class="controls">
-                <input type="text" id="fromName" name="smtp.fromName" value="@settings.smtp.map(_.fromName)"/>
-              </div>
-            </div>
-          </div>
         </div>
-      </div>
-      <fieldset>
+    </div>
+    <fieldset>
         <input type="submit" class="btn btn-success" value="Apply changes"/>
-      </fieldset>
-    </form>
-  }
+    </fieldset>
+</form>
+}
 }
 <script>
 $(function(){