diff --git a/config/config-sample.ini b/config/config-sample.ini
index 030e70e..4a5d3c9 100644
--- a/config/config-sample.ini
+++ b/config/config-sample.ini
@@ -138,6 +138,9 @@ group_member_value = uid
 ; interface
 admin_group_cn = ska-administrators
 
+; Other LDAP groups that should have their memberships synced
+;sync_groups[] = ldap_group_name
+
 [inventory]
 ; SSH Key Authority will read the contents of the file /etc/uuid (if it
 ; exists) when syncing with a server. If a value is found, it can be used as a
diff --git a/model/user.php b/model/user.php
index 6b7774e..64901db 100644
--- a/model/user.php
+++ b/model/user.php
@@ -298,7 +298,7 @@ public function check_csrf_token($token) {
 * @throws UserNotFoundException if the user is not found in LDAP
 */
 public function get_details_from_ldap() {
-global $config;
+global $config, $group_dir;
 $attributes = array();
 $attributes[] = 'dn';
 $attributes[] = $config['ldap']['user_id'];
@@ -327,8 +327,35 @@ public function get_details_from_ldap() {
 $this->admin = 0;
 $group_member = $ldapuser[strtolower($config['ldap']['group_member_value'])];
 $ldapgroups = $this->ldap->search($config['ldap']['dn_group'], LDAP::escape($config['ldap']['group_member']).'='.LDAP::escape($group_member), array('cn'));
+$memberships = array();
 foreach($ldapgroups as $ldapgroup) {
-if($ldapgroup['cn'] == $config['ldap']['admin_group_cn']) $this->admin = 1;
+$memberships[$ldapgroup['cn']] = true;
+}
+if(isset($config['ldap']['sync_groups']) && is_array($config['ldap']['sync_groups'])) {
+$syncgroups = $config['ldap']['sync_groups'];
+} else {
+$syncgroups = array();
+}
+$syncgroups[] = $config['ldap']['admin_group_cn'];
+foreach($syncgroups as $syncgroup) {
+try {
+$group = $group_dir->get_group_by_name($syncgroup);
+} catch(GroupNotFoundException $e) {
+$group = new Group;
+$group->name = $syncgroup;
+$group->system = 1;
+$group_dir->add_group($group);
+}
+if(isset($memberships[$syncgroup])) {
+if($syncgroup == $config['ldap']['admin_group_cn']) $this->admin = 1;
+if(!$this->member_of($group)) {
+$group->add_member($this);
+}
+} else {
+if($this->member_of($group)) {
+$group->delete_member($this);
+}
+}
 }
 } else {
 throw new UserNotFoundException('User does not exist.');
diff --git a/scripts/ldap_update.php b/scripts/ldap_update.php
index 6f8668f..af6d338 100755
--- a/scripts/ldap_update.php
+++ b/scripts/ldap_update.php
@@ -35,14 +35,6 @@
 $user_dir->add_user($active_user);
 }
-try {
-$sysgrp = $group_dir->get_group_by_name($config['ldap']['admin_group_cn']);
-} catch(GroupNotFoundException $e) {
-$sysgrp = new Group;
-$sysgrp->name = $config['ldap']['admin_group_cn'];
-$sysgrp->system = 1;
-$group_dir->add_group($sysgrp);
-}
 foreach($users as $user) {
 if($user->auth_realm == 'LDAP') {
 $active = $user->active;
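Review bot: The removal branch of the new sync loop (`if($this->member_of($group)) { $group->delete_member($this); }`) only executes when the LDAP lookup succeeded, because the whole loop sits inside the branch whose `else` throws UserNotFoundException, so a user who has been deleted from the directory keeps every existing sync-group membership, including the admin group. The code this commit deletes from scripts/ldap_update.php (the `!($user->admin && $user->active) && $user->member_of($sysgrp)` check in that file's second hunk) appears from the visible context to have run for every LDAP-realm user after the lookup regardless of its outcome, and it also required `$user->active` before adding an admin; the new loop consults neither condition, so unless the caller's not-found path (outside this hunk) strips memberships, stale privileged access is no longer revoked. Keep a removal pass in ldap_update.php for users whose lookup fails, or move the membership sync into a method the caller can run on both paths. Two smaller points in the same loop: `$syncgroup == $config['ldap']['admin_group_cn']` should use `===`, and listing the admin group in sync_groups duplicates the entry in `$syncgroups` (an `array_unique` after the append avoids the repeated lookup). get_details_from_ldap begins and ends outside this hunk.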
@@ -88,12 +80,6 @@
 }
 }
 }
-if($user->admin && $user->active && !$user->member_of($sysgrp)) {
-$sysgrp->add_member($user);
-}
-if(!($user->admin && $user->active) && $user->member_of($sysgrp)) {
-$sysgrp->delete_member($user);
-}
 $user->update();
 }
 }