diff --git a/conf/ynh_pyinventory_settings.py b/conf/ynh_pyinventory_settings.py
index 5760e63..25cc266 100644
--- a/conf/ynh_pyinventory_settings.py
+++ b/conf/ynh_pyinventory_settings.py
@@ -58,11 +58,12 @@ AUTH_LDAP_USER_ATTR_MAP = {
 'email': 'mail',
 }
-# This is the default, but I like to be explicit.
 AUTH_LDAP_ALWAYS_UPDATE_USER = True
-# Use LDAP group membership to calculate group permissions.
-AUTH_LDAP_FIND_GROUP_PERMS = True
+# Don't use LDAP group membership to calculate group permissions
+AUTH_LDAP_FIND_GROUP_PERMS = False
+
+AUTH_LDAP_GROUP_TYPE = 'normal user' # Same as: inventory.permissions.NORMAL_USER_GROUP_NAME
 # Cache distinguished names and group memberships for an hour to minimize LDAP traffic
 AUTH_LDAP_CACHE_TIMEOUT = 3600
diff --git a/conf/ynh_sso_ldap_backend.py b/conf/ynh_sso_ldap_backend.py
new file mode 100644
index 0000000..d5cb29b
--- /dev/null
+++ b/conf/ynh_sso_ldap_backend.py
@@ -0,0 +1,17 @@
+from django_auth_ldap.backend import LDAPBackend
+from inventory.permissions import get_or_create_normal_user_group
+
+
+class PyInventoryYunohostLdapBackend(LDAPBackend):
+ def get_or_build_user(self, username, ldap_user):
+ user, built = super().get_or_build_user(username, ldap_user)
+
+ if built:
+ user.is_staff = True
+ user.is_superuser = False
+ user.save()
+
+ pyinventory_user_group = get_or_create_normal_user_group()[0]
+ user.groups.set([pyinventory_user_group])
+
+ return user, built
diff --git a/manifest.json b/manifest.json
index b5b39d4..081d7f7 100644
--- a/manifest.json
+++ b/manifest.json
@@ -5,7 +5,7 @@
 "description": {
 "en": "Web based management to catalog things including state and location etc."
 },
- "version": "0.8.1~ynh5",
+ "version": "0.8.1~ynh6",
 "url": "https://github.com/jedie/PyInventory",
 "license": "GPL-3.0",
 "maintainer": {
diff --git a/scripts/install b/scripts/install
index 15a0947..172f64d 100755
--- a/scripts/install
+++ b/scripts/install
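Review bot: In conf/ynh_pyinventory_settings.py, `AUTH_LDAP_GROUP_TYPE = 'normal user'` assigns a plain string to a setting that django-auth-ldap expects to be an `LDAPGroupType` instance (for example `PosixGroupType()`), so any later use of group features such as `AUTH_LDAP_REQUIRE_GROUP` or `AUTH_LDAP_MIRROR_GROUPS` would fail on it. With `AUTH_LDAP_FIND_GROUP_PERMS = False` the value is probably never read, which makes the line misleading rather than functional, since the Django group is assigned in the new backend class instead. I would drop the line or replace it with a comment such as `# Group membership is assigned by PyInventoryYunohostLdapBackend, not read from LDAP.` The hunk does not show `AUTHENTICATION_BACKENDS`, so confirm that it points at the new backend class.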
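Review bot: In conf/ynh_sso_ldap_backend.py, every account that authenticates through this backend for the first time is saved with `is_staff = True`, and nothing in `get_or_build_user` looks at who the LDAP user is, so admin-site access rests entirely on whatever restricts the LDAP user search or the SSO permission, which this diff does not show. The flags are set only under `if built:`, so an account that already exists in Django keeps its earlier `is_staff`/`is_superuser` values; the page has lost indentation, so whether `user.groups.set(...)` is also inside that branch or replaces a user's groups on every login cannot be told from here. Neither the class nor the method has a docstring; I would add one such as `"""Give first-time LDAP users staff access and the normal-user group; never grant superuser."""` plus a comment naming the LDAP filter being relied on. It is also worth confirming that calling `user.save()` at this point does not persist the row before django-auth-ldap has run its own new-user checks and attribute population.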
@@ -157,6 +157,7 @@ ynh_app_setting_set --app="$app" --key=redis_db --value="$redis_db"
 touch "$final_path/local_settings.py"
+cp "../conf/ynh_sso_ldap_backend.py" "$final_path/ynh_sso_ldap_backend.py"
 cp "../conf/ynh_urls.py" "$final_path/ynh_urls.py"
 #=================================================
diff --git a/scripts/upgrade b/scripts/upgrade
index 30cbb63..9b456d6 100755
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -147,6 +147,7 @@ ynh_store_file_checksum --file="$settings"
 touch "$final_path/local_settings.py"
+cp "../conf/ynh_sso_ldap_backend.py" "$final_path/ynh_sso_ldap_backend.py"
 cp "../conf/ynh_urls.py" "$final_path/ynh_urls.py"
 #=================================================
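Review bot: The `cp` added in scripts/install (and the identical line in scripts/upgrade) sets no owner or mode on `ynh_sso_ldap_backend.py`, even though that module decides which accounts receive staff access. The file therefore ends up with whatever the script's umask and any later recursive ownership change on `$final_path` give it. If the service user can write to it, a compromise of the web process could rewrite the authentication backend. Consider following the copy with something like `chown root:"$app" "$final_path/ynh_sso_ldap_backend.py"` and `chmod 640 "$final_path/ynh_sso_ldap_backend.py"`, or confirm that the scripts already restrict it; both scripts continue outside these hunks.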