diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml
index 172214a..8899d7c 100644
--- a/config/locales/server.en.yml
+++ b/config/locales/server.en.yml
@@ -3,6 +3,7 @@ en:
     ldap_enabled: "Is LDAP plugin enabled?"
     ldap_user_create_mode: "User create mode: auto, list or none"
     ldap_lookup_users_by: "Attribute to lookup users by: email or username"
+    ldap_add_to_groups: "Automatically add LDAP authenticated users to these groups"
     ldap_hostname: "Hostname of LDAP server"
     ldap_port: "Connection port to LDAP server"
     ldap_method: "Connection method: ssl, tls or plain"
diff --git a/config/settings.yml b/config/settings.yml
index d2a8ef7..e2532a6 100644
--- a/config/settings.yml
+++ b/config/settings.yml
@@ -5,6 +5,8 @@ plugins:
     default: 'auto'
   ldap_lookup_users_by:
     default: 'email'
+  ldap_add_to_groups:
+    default: ''
   ldap_hostname:
     default: 'adfs.example.com'
   ldap_port:
diff --git a/plugin.rb b/plugin.rb
index 7f7504c..98b96c2 100644
--- a/plugin.rb
+++ b/plugin.rb
@@ -60,6 +60,9 @@ def auth_result(auth_info)
         match[:name] = match[:name] || auth_info[:name]
         return LDAPUser.new(match).auth_result
       when 'auto'
+        unless SiteSetting.ldap_add_to_groups.empty?
+          auth_info[:groups] = SiteSetting.ldap_add_to_groups.present
+        end
         return LDAPUser.new(auth_info).auth_result
       else
         return fail_auth('Invalid option for ldap_user_create_mode setting.')