diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/AuthenticationProviderService.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/AuthenticationProviderService.java
index 654b403c34..09c94b7160 100644
--- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/AuthenticationProviderService.java
+++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/AuthenticationProviderService.java
@@ -120,17 +120,28 @@ public class AuthenticationProviderService {
      * If required properties are missing, and thus the user DN cannot be
      * determined.
      */
-    private Dn getUserBindDN(LDAPConfiguration config, String username)
-            throws GuacamoleException {
+    private Dn getUserBindDN(LDAPConfiguration config, String username, String password) throws GuacamoleException {
 
         // If a search DN is provided, search the LDAP directory for the DN
         // corresponding to the given username
-        String searchBindLogon = config.getSearchBindDN();
+
+        String searchBindLogon;
+        String searchBindPassword;
+
+        if(confService.getUPNDomain() != "" && confService.getUPNDomain() != null){
+            searchBindLogon = username + "@" + confService.getUPNDomain();
+            searchBindPassword = password;
+        }else{
+            searchBindLogon = config.getSearchBindDN();
+            searchBindPassword = config.getSearchBindPassword();
+        }
         if (searchBindLogon != null) {
 
             // Create an LDAP connection using the search account
             LdapNetworkConnection searchConnection = ldapService.bindAs(config,
-                    searchBindLogon, config.getSearchBindPassword());
+                    searchBindLogon,
+                    searchBindPassword
+            );
 
             // Warn of failure to find
             if (searchConnection == null) {
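Review bot: `confService.getUPNDomain() != ""` in the new branch condition compares string references, so an empty `ldap-upn-domain` value is never detected and the code would bind as `username + "@"` with the user's password; read the property once and test it properly: `String upnDomain = confService.getUPNDomain();` / `if (upnDomain != null && !upnDomain.isEmpty()) {` and reuse `upnDomain` when building the logon. Binding with the caller's own credentials also means `password` should be rejected when null or empty before it reaches `bindAs` unless `ldapService.bindAs` already does that (not visible here), because an LDAP simple bind with an empty password is commonly treated by servers as an unauthenticated bind and would leave `searchConnection` non-null. The `username` is concatenated unescaped into the bind name, so a value containing `@` selects a different realm than the one configured; consider rejecting such names in this path. The Javadoc above the hunk should also gain a `@param password` entry, and the method body continues below the hunk.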
@@ -219,7 +230,8 @@ private UserLDAPConfiguration getLDAPConfiguration(String username,
                     config.getServerHostname(), username, translatedUsername);
 
             // Derive DN of user within this LDAP server
-            Dn bindDn = getUserBindDN(config, translatedUsername);
+
+            Dn bindDn = getUserBindDN(config, username, password);
             if (bindDn == null || bindDn.isEmpty()) {
                 logger.info("Unable to determine DN of user \"{}\" using LDAP "
                         + "server \"{}\". Proceeding with next server...",
diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/ConfigurationService.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/ConfigurationService.java
index 15bd0026c6..7cd8770e8c 100644
--- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/ConfigurationService.java
+++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/ConfigurationService.java
@@ -149,4 +149,20 @@ else if (cachedConfigurations != null) {
 
     }
 
+    /**
+     * Returns the UPN domain name used to authenticate via LDAP,
+     * or null by default.
+     *
+     * @return
+     *     The UPN domain name of the LDAP accounts when authenticating per-user.
+     *
+     * @throws GuacamoleException
+     *     If guacamole.properties connect be parsed.
+     */
+    public String getUPNDomain() throws GuacamoleException {
+        return environment.getProperty(
+            LDAPGuacamoleProperties.LDAP_UPN_DOMAIN,
+            null
+        );
+    }
 }
diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/LDAPGuacamoleProperties.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/LDAPGuacamoleProperties.java
index 1db4f723cd..1836299e67 100644
--- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/LDAPGuacamoleProperties.java
+++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/LDAPGuacamoleProperties.java
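Review bot: The new call passes `username` where the removed line passed `translatedUsername`, so the per-server username translation that is logged on the line just above is no longer used to derive the DN, and that changes behaviour for the existing search-bind path even when no UPN domain is configured. Unless the UPN branch specifically needs the untranslated name, keep `Dn bindDn = getUserBindDN(config, translatedUsername, password);`; if it does need it, pass both names rather than dropping the translated one. The enclosing getLDAPConfiguration method starts before and ends after this hunk.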
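Review bot: The `@throws` text in getUPNDomain's Javadoc reads `If guacamole.properties connect be parsed.`; it should say `cannot be parsed`. The summary would also help an administrator more if it stated the effect of the property, since setting it switches the directory search from the configured search-bind account to a bind as `username@domain` with the user's own password, e.g. `Returns the UPN domain appended to the username when binding with the user's own credentials, or null if per-user binding is not configured.` The value appears to be returned exactly as read from configuration, so callers should not assume surrounding whitespace has been stripped.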
@@ -125,6 +125,17 @@ private LDAPGuacamoleProperties() {}
         @Override
         public String getName() { return "ldap-hostname"; }
 
+    };
+
+    /**
+     * The domain used for a UPN username for LDAP server to connect to when authenticating users.
+     */
+    public static final StringGuacamoleProperty LDAP_UPN_DOMAIN =
+        new StringGuacamoleProperty() {
+
+        @Override
+        public String getName() { return "ldap-upn-domain"; }
+
     };
 
     /**
@@ -298,5 +309,5 @@ private LDAPGuacamoleProperties() {}
         public String getName() { return "ldap-member-attribute-type"; }
 
     };
-
+
 }
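Review bot: The Javadoc on LDAP_UPN_DOMAIN says only `The domain used for a UPN username for LDAP server to connect to when authenticating users.`, which does not tell an administrator that setting it replaces the search-bind account with a bind as the authenticating user's `username@domain` and password. Suggested wording: `The domain appended to the username (as username@domain) when binding to the LDAP server with the user's own credentials; when set, the search-bind DN and password are not used for the directory search.` This reflects the AuthenticationProviderService change in the same commit and should be adjusted if that behaviour changes.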