diff --git a/docker-compose/nextcloud/ldap.sh.j2 b/docker-compose/nextcloud/ldap.sh.j2
index 9436b41f..4928e929 100644
--- a/docker-compose/nextcloud/ldap.sh.j2
+++ b/docker-compose/nextcloud/ldap.sh.j2
@@ -21,7 +21,7 @@ php occ ldap:set-config s01 ldapBase "dc=mgrote,dc=net"
 php occ ldap:set-config s01 ldapBaseUsers "dc=mgrote,dc=net"
 php occ ldap:set-config s01 ldapBaseGroups "dc=mgrote,dc=net"
 php occ ldap:set-config s01 ldapConfigurationActive 1
-php occ ldap:set-config s01 ldapLoginFilter "(&(objectclass=person)(uid=%uid))"
+php occ ldap:set-config s01 ldapLoginFilter "(&(&(objectclass=person)(memberOf=cn=nextcloud,ou=groups,dc=mgrote,dc=net))(|(uid=%uid)(|(mailPrimaryAddress=%uid)(mail=%uid))))"
 # EDIT: nextcloud group, contains the users who can login to Nextcloud
 php occ ldap:set-config s01 ldapUserFilter "(&(objectclass=person)(memberOf=cn=nextcloud,ou=groups,dc=mgrote,dc=net))"
 php occ ldap:set-config s01 ldapUserFilterMode 0