diff --git a/docker-compose/minio/docker-compose.yml.j2 b/docker-compose/minio/docker-compose.yml.j2
index 4006c9bf..7272368d 100644
--- a/docker-compose/minio/docker-compose.yml.j2
+++ b/docker-compose/minio/docker-compose.yml.j2
@@ -12,9 +12,20 @@ services:
     volumes:
       - data:/data
     environment:
-      - MINIO_ROOT_USER=madmin
-      - MINIO_ROOT_PASSWORD=hallowelt
-      - MINIO_DEFAULT_BUCKETS=bucket1
+      MINIO_ROOT_USER: madmin # ändern
+      MINIO_ROOT_PASSWORD: hallowelt # ändern
+
+
+      MINIO_IDENTITY_LDAP_SERVER_ADDR: "ldap.mgrote.net:636"
+      MINIO_IDENTITY_LDAP_TLS_SKIP_VERIFY: "on"
+      MINIO_IDENTITY_LDAP_SERVER_INSECURE: "on"
+      MINIO_IDENTITY_LDAP_LOOKUP_BIND_DN: "minio_bind_user"
+      MINIO_IDENTITY_LDAP_LOOKUP_BIND_PASSWORD: "hallowelt"
+      MINIO_IDENTITY_LDAP_USER_DN_SEARCH_BASE_DN: "ou=people,,dc=mgrote,dc=net"
+      # allow all users to login; they need a policy attached before they can actually do anything
+      MINIO_IDENTITY_LDAP_USER_DN_SEARCH_FILTER: "(&(objectclass=posixAccount)(uid=%s))"
+      MINIO_IDENTITY_LDAP_GROUP_SEARCH_BASE_DN: "ou=groups,,dc=mgrote,dc=net"
+      MINIO_IDENTITY_LDAP_GROUP_SEARCH_FILTER: "(&(objectclass=groupOfUniqueNames)(member=%d))"
     command: server /data --console-address ":9001"
 
 ######## Networks ########