diff --git a/conf/default.conf.php b/conf/default.conf.php
index c0fde81573..2d5bd9c3b1 100644
--- a/conf/default.conf.php
+++ b/conf/default.conf.php
@@ -604,6 +604,10 @@ return array(
   // the array will be joined
   'ldap.real_name_attributes' => array(),
 
+  // A domain name to use when authenticating against Active Directory
+  // (e.g. 'example.com')
+  'ldap.activedirectory_domain' => '',
+
   // The LDAP version
   'ldap.version' => 3,
 
diff --git a/src/applications/auth/ldap/PhabricatorLDAPProvider.php b/src/applications/auth/ldap/PhabricatorLDAPProvider.php
index 3f9241b897..d73659c5fb 100644
--- a/src/applications/auth/ldap/PhabricatorLDAPProvider.php
+++ b/src/applications/auth/ldap/PhabricatorLDAPProvider.php
@@ -111,10 +111,17 @@ final class PhabricatorLDAPProvider {
       throw new Exception('Username and/or password can not be empty');
     }
 
-    $result = ldap_bind($this->getConnection(),
-              $this->getSearchAttribute() . '=' . $username . ',' .
-              $this->getBaseDN(),
-              $password);
+    $activeDirectoryDomain =
+      PhabricatorEnv::getEnvConfig('ldap.activedirectory_domain');
+
+    if ($activeDirectoryDomain) {
+      $dn = $username . '@' . $activeDirectoryDomain;
+    } else {
+      $dn = $this->getSearchAttribute() . '=' . $username . ',' .
+            $this->getBaseDN();
+    }
+
+    $result = ldap_bind($this->getConnection(), $dn, $password);
 
     if (!$result) {
       throw new Exception('Bad username/password.');
@@ -176,6 +183,7 @@ final class PhabricatorLDAPProvider {
     for($i = 0; $i < $entries['count']; $i++) {
       $row = array();
       $entry = $entries[$i];
+
       // Get username, email and realname 
       $username = $entry[$this->getSearchAttribute()][0];
       if(empty($username)) {