diff --git a/inventories/vagrant/host_vars/backend/opencloud.yml b/inventories/vagrant/host_vars/backend/opencloud.yml
index 5656f4d..72e1538 100644
--- a/inventories/vagrant/host_vars/backend/opencloud.yml
+++ b/inventories/vagrant/host_vars/backend/opencloud.yml
@@ -5,6 +5,7 @@ opencloud_extra_hosts:
   - "keycloak.local.test:host-gateway"
   - "storage.local.test:192.168.56.11"
   - "office.local.test:host-gateway"
+  - "389ds:192.168.56.11"
 
 # OIDC configuration (Keycloak)
 opencloud_oidc_issuer: "https://keycloak.local.test/realms/vagrant"
@@ -23,6 +24,13 @@ opencloud_s3_bucket: "opencloud"
 opencloud_collabora_domain: "office.local.test"
 opencloud_wopi_domain: "wopi.opencloud.local.test"
 
+# LDAP backend (users synced from Keycloak via 389ds)
+opencloud_ldap_uri: "ldaps://389ds:3636"
+opencloud_ldap_bind_dn: "cn=Directory Manager"
+opencloud_ldap_bind_password: "admin"
+opencloud_ldap_user_base_dn: "ou=users,dc=local,dc=test"
+opencloud_ldap_group_base_dn: "ou=groups,dc=local,dc=test"
+
 # Allow OpenCloud to connect to Keycloak for OIDC discovery
 opencloud_csp_extra_connect_src:
   - "https://keycloak.local.test/"
\ No newline at end of file