diff --git a/webserver/docker_ldap/tasks/main.yml b/common/docker_ldap/tasks/main.yml
similarity index 74%
rename from webserver/docker_ldap/tasks/main.yml
rename to common/docker_ldap/tasks/main.yml
index 9e266a160142a13750d4721672428c7f1bad3ee2..c2da41499fb22516bc5e612b98899730fe5fda0f 100644
--- a/webserver/docker_ldap/tasks/main.yml
+++ b/common/docker_ldap/tasks/main.yml
@@ -2,9 +2,8 @@
 
 - include_tasks: ../functions/get_secret.yml
   with_items:
-   - { path: /srv/ldap/ldap_admin_pass,  length: 24 }
-   - { path: /srv/ldap/ldap_config_pass,  length: 24 }
-   - { path: /srv/ldap/ldap_readonly_pass,  length: 24 }
+   - { path: /srv/ldap/secret/ldap_admin_pass,  length: 24 }
+   - { path: /srv/ldap/secret/ldap_readonly_pass,  length: 24 }
 
 - name: create folder struct for ldap
   file:
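Review bot: Nothing in this hunk carries the existing `/srv/ldap/ldap_admin_pass` and `/srv/ldap/ldap_readonly_pass` files over to the new `/srv/ldap/secret/` location. If `get_secret.yml` generates a value when the file is missing (its body is not visible here), a host that already has a directory under `/srv/ldap/database` would get fresh passwords that no longer match the ones stored in it. The include also runs before the `create folder struct for ldap` task, so confirm that `/srv/ldap/secret` exists, with restrictive permissions, before the first secret is written. A comment such as `# secrets live in /srv/ldap/secret (root-only); move old /srv/ldap/*_pass files before the first run` would document the migration. The `file:` task continues past the end of the hunk.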
diff --git a/common/docker_ldap/templates/docker-compose.yml b/common/docker_ldap/templates/docker-compose.yml
new file mode 100644
index 0000000000000000000000000000000000000000..41e4326da1031732baff071af179041f24ba3467
--- /dev/null
+++ b/common/docker_ldap/templates/docker-compose.yml
@@ -0,0 +1,38 @@
+
+version: "3"
+
+services:
+
+  openldap:
+    image: osixia/openldap:1.2.2
+    restart: always
+    command: --loglevel debug 
+    network_mode: host
+    volumes:
+      - /srv/ldap/database:/var/lib/ldap
+      - /srv/ldap/config:/etc/ldap/slapd.d
+    environment:
+      - HOSTNAME={{ int_ip4 }}
+      - LDAP_BACKEND=hdb 
+      - LDAP_ORGANISATION={{ ldap_org }}
+      - LDAP_DOMAIN={{ ldap_domain }}
+      - LDAP_ADMIN_PASSWORD={{ ldap_admin_pass }}
+      - LDAP_CONFIG_PASSWORD={{ ldap_admin_pass }}
+      - LDAP_READONLY_USER=true
+      - LDAP_READONLY_USER_USERNAME=readonly
+      - LDAP_READONLY_USER_PASSWORD={{ ldap_readonly_pass }}
+      - LDAP_TLS_VERIFY_CLIENT=never
+      - LDAP_REPLICATION=true
+      - LDAP_REPLICATION_HOSTS=#PYTHON2BASH:['ldap://{{ hostvars['webserver'].int_ip4 }}','ldap://{{ hostvars['warpsrvint'].int_ip4 }}']
+
+  phpldapadmin:
+    image: osixia/phpldapadmin:0.7.2
+    restart: always
+    depends_on:
+      - openldap
+    ports:
+      - 127.0.0.1:42004:80
+    environment:
+      - PHPLDAPADMIN_LDAP_HOSTS={{ int_ip4 }}
+      - PHPLDAPADMIN_HTTPS=false
+      - PHPLDAPADMIN_TRUST_PROXY_SSL=true
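Review bot: `network_mode: host` on the openldap service replaces the per-address publishing of the old template (`"{{ ldap_ip_ext }}:{{ ldap_port_default }}:389"`), so slapd will presumably listen on every interface of each host that gets this role, including the webserver. If host networking is needed for replication, restrict the LDAP ports with a host firewall rule; otherwise publish them on the internal address only, e.g. `- "{{ int_ip4 }}:389:389"`. `LDAP_CONFIG_PASSWORD={{ ldap_admin_pass }}` gives cn=config the same secret as the directory admin, so one leaked value covers both; keeping the separate `ldap_config_pass` secret that this commit drops from tasks/main.yml would avoid that. `command: --loglevel debug` is worth lowering before production use, since debug-level start-up output may include the environment values and therefore the passwords.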
diff --git a/common/nginx/includes/verwaltung-ldap.warpzone.ms b/common/nginx/includes/verwaltung-ldap.warpzone.ms
new file mode 100644
index 0000000000000000000000000000000000000000..d4ef0db9e083ae07697fb87e9e4ead4874f59959
--- /dev/null
+++ b/common/nginx/includes/verwaltung-ldap.warpzone.ms
@@ -0,0 +1,4 @@
+
+    location / {
+      rewrite     ^(.*)   https://ldap.warpzone.ms$1;
+    }
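Review bot: The `rewrite` in this location has no flag, so nginx answers with a temporary 302 and evaluates a regex on every request just to copy the URI. `return 301 https://ldap.warpzone.ms$request_uri;` states the redirect directly and keeps the query string without a capture group. The enclosing server block is outside this include.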
diff --git a/group_vars/prod b/group_vars/prod
index ce6d6ce39b6e22c0dddd6a3f78eabca5d3857128..156d26d48d1df92c3725afee7f9742686971d719 100644
--- a/group_vars/prod
+++ b/group_vars/prod
@@ -6,9 +6,9 @@ ldap_port_secure: 636
 
 # IP Adresse des LDAP Servers
 # Extern läuft auf dem webserver
-ldap_ip_ext: 10.0.20.2
+ldap_ip_ext: 10.42.1.1
 # int ist noch ungenutzt / später replikation in der Zone
-ldap_ip_int: 10.0.20.2
+ldap_ip_int: 10.42.1.1
 
 
 # Basis-Informationen der LDAP Konfiguration 
@@ -19,6 +19,12 @@ ldap_admin_bind_dn: cn=admin,dc=warpzone,dc=ms
 ldap_readonly_bind_dn: cn=readonly,dc=warpzone,dc=ms
 
 
+# SMTP Settings 
+smtp_host: smtp.warpzone.ms
+smtp_port: 25 
+noreply_email_user: noreply@warpzone.ms
+
+
 # Zentrale InfluxDb für Systemmonitoring  
 influxdb_sysmon:
   url: "http://192.168.0.201:18086"
diff --git a/group_vars/test b/group_vars/test
index abde386c847b5596609cfc4970aa813028a3f0c4..acff2065433164a2e6afb28ffc5758c6290374e3 100644
--- a/group_vars/test
+++ b/group_vars/test
@@ -21,4 +21,5 @@ ldap_readonly_bind_dn: cn=readonly,dc=warpzone-test,dc=ms
 # SMTP Settings 
 smtp_host: smtp.warpzone.ms
 smtp_port: 25 
-noreply_email_user: noreply@warpzone.ms
+noreply_email_user: test-noreply-test@warpzone.ms
+
diff --git a/host_vars/verwaltung b/host_vars/verwaltung
index 6b6fedb422e00187e377fd0ff46b15aec0402329..1fef3bf47517e1a784952e3e20b052cc71221c9e 100644
--- a/host_vars/verwaltung
+++ b/host_vars/verwaltung
@@ -33,6 +33,7 @@ host_type: "vm"
 webserver_domains: 
   - "verwaltung.warpzone.ms"
   - "verwaltung-git.warpzone.ms"
+  - "verwaltung-ldap.warpzone.ms"
 
 
 #OpenVPN Konfigurationen 
diff --git a/host_vars/warpsrvint b/host_vars/warpsrvint
index 9275624948e075f716762d54dc8572df1e92d2fd..aba465f7ebc1f9e6eb63fd71eba392058916d4bf 100644
--- a/host_vars/warpsrvint
+++ b/host_vars/warpsrvint
@@ -24,7 +24,7 @@ debian_keys_url:
 # Primäre IP Adressen des Hosts 
 #ext_ip4: <keine>
 #ext_ip6: <keine>
-int_ip4: 10.42.3.1
+int_ip4: 192.168.0.201
 
 
 # Art des Hosts: physical, vm, docker 
@@ -34,6 +34,7 @@ host_type: "physical"
 webserver_domains: 
   - "infra"
   - "infra-test"
+  - "ldap"
 
 administratorenteam:
   - "void"
diff --git a/warpsrvint/main.yml b/warpsrvint/main.yml
index 796cbd87d63755b4a51789810a9b829333742e4e..27b789fd0d4c48140d131899025e855f5ab3c9ef 100644
--- a/warpsrvint/main.yml
+++ b/warpsrvint/main.yml
@@ -7,6 +7,7 @@
     - { role: ../common/borgserver, tags: borgserver }
     - { role: ../common/docker, tags: docker }
     - { role: ../common/telegraf, tags: telegraf }
+    - { role: ../common/docker_ldap, tags: ldap }
     - { role: nginx, tags: nginx }
     - { role: docker_grafana, tags: grafana }
     - { role: docker_influx, tags: influx }
@@ -14,7 +15,6 @@
     - { role: docker_kapacitor, tags: kapacitor }
     - { role: docker_librenms, tags: librenms }
     - { role: docker_l4z0r, tags: l4z0r }
-#    - { role: docker_ldap, tags: ldap }
     - { role: docker_matestatdb, tags: matestatdb }
     - { role: docker_mqtt, tags: mqtt }
     - { role: docker_nodered, tags: nodered }
diff --git a/warpsrvint/nginx/includes/ldap b/warpsrvint/nginx/includes/ldap
new file mode 100644
index 0000000000000000000000000000000000000000..d37146d7e4dc17ca42230409117341e7cb245dda
--- /dev/null
+++ b/warpsrvint/nginx/includes/ldap
@@ -0,0 +1,13 @@
+
+
+
+    location /  {
+        	proxy_set_header        Host $host;
+        	proxy_set_header        X-Real-IP $remote_addr;
+
+	        proxy_pass      http://127.0.0.1:42004/;
+        	proxy_redirect  off;
+
+    }
+
+
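Review bot: This location proxies phpLDAPadmin without forwarding the original scheme, although the compose template in this commit sets `PHPLDAPADMIN_TRUST_PROXY_SSL=true`, which presumably only takes effect when the proxy sends the forwarded-protocol header. Add `proxy_set_header X-Forwarded-Proto $scheme;` next to the other two headers. No access restriction is visible in this include, and the enclosing server block is outside the hunk, so confirm that the LDAP admin UI is limited there, for example with `allow`/`deny` for the internal network or `auth_basic`. The indentation mixes tabs and spaces and should be made uniform.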
diff --git a/webserver-test/main.yml b/webserver-test/main.yml
index 74f0f15e92e0aba9bedb5f625bf6dfa25da4a3ce..12dcc535d37c309c12bf73f88ddd49248e427977 100644
--- a/webserver-test/main.yml
+++ b/webserver-test/main.yml
@@ -5,7 +5,7 @@
   roles:
     - { role: ../common/docker, tags: docker }
     - { role: ../common/nginx, tags: nginx }
-    - { role: ../webserver/docker_ldap, tags: ldap }
+#    - { role: ../webserver/docker_ldap, tags: ldap }
     - { role: ../webserver/docker_wordpress, tags: wordpress }
 
 #    - { role: docker_mail, tags: mail }
diff --git a/webserver/docker_gitlab/tasks/main.yml b/webserver/docker_gitlab/tasks/main.yml
index b321d09bf8e62092e15ed00daccbb83f9342a6df..c9b45df108a1a1f7a6713ce9d5b1995fbad7892d 100644
--- a/webserver/docker_gitlab/tasks/main.yml
+++ b/webserver/docker_gitlab/tasks/main.yml
@@ -10,7 +10,6 @@
   slurp: src={{ item }}
   with_items:
     - /srv/shared/noreply_email_pass
-    - /srv/ldap/secret/ldap_readonly_pass
   register: gitlab_secrets
 
 - name: get secrets from server 2
diff --git a/webserver/docker_ldap/templates/docker-compose.yml b/webserver/docker_ldap/templates/docker-compose.yml
deleted file mode 100644
index e72b235041d70a8553b6eb5cbb98f7e4d94030cf..0000000000000000000000000000000000000000
--- a/webserver/docker_ldap/templates/docker-compose.yml
+++ /dev/null
@@ -1,39 +0,0 @@
-
-version: "3"
-
-services:
-
-  openldap:
-    image: osixia/openldap:1.1.10
-    restart: always
-    hostname: "{{ ldap_ip_ext }}"
-    ports:
-      - "{{ ldap_ip_ext }}:{{ ldap_port_default }}:389"
-      - "{{ ldap_ip_ext }}:{{ ldap_port_secure }}:636"
-    volumes:
-      - /srv/ldap/database:/var/lib/ldap
-      - /srv/ldap/config:/etc/ldap/slapd.d
-    environment:
-      - LDAP_ORGANISATION="{{ ldap_org }}"
-      - LDAP_DOMAIN="{{ ldap_domain }}"
-      - LDAP_ADMIN_PASSWORD="{{ ldap_admin_pass }}"
-      - LDAP_CONFIG_PASSWORD="{{ ldap_config_pass }}"  
-      - LDAP_READONLY_USER=true
-      - LDAP_READONLY_USER_USERNAME=readonly
-      - LDAP_READONLY_USER_PASSWORD="{{ ldap_readonly_pass }}"
-      - LDAP_REPLICATION=true
-      - LDAP_REPLICATION_HOSTS="#PYTHON2BASH:['ldap://{{ ldap_ip_ext }}:{{ ldap_port_default }}']"
-
-#      - LDAP_REPLICATION_HOSTS="#PYTHON2BASH:['ldap://{{ ldap_ip_ext }}:{{ ldap_port_default }}','ldap://{{ ldap_ip_int }}:{{ ldap_port_default }}']"
-
-  phpldapadmin:
-    image: osixia/phpldapadmin:0.7.1
-    restart: always
-    depends_on:
-      - openldap
-    ports:
-      - 127.0.0.1:42004:80
-    environment:
-      - PHPLDAPADMIN_LDAP_HOSTS=openldap
-      - PHPLDAPADMIN_HTTPS=false
-      - PHPLDAPADMIN_TRUST_PROXY_SSL=true
diff --git a/webserver/main.yml b/webserver/main.yml
index e640968d1352d2c84e1b5dc62c8d4f1dc0734ce6..fc65aac318d7cc0a41159c49ca4de35c885b03cd 100644
--- a/webserver/main.yml
+++ b/webserver/main.yml
@@ -8,13 +8,13 @@
     - { role: ../common/telegraf, tags: telegraf }
     - { role: ../common/nginx, tags: nginx }
     - { role: ../common/openvpn, tags: openvpn }
+    - { role: ../common/docker_ldap, tags: ldap }
     - { role: docker_alerta, tags: alerta }
     - { role: docker_dokuwiki, tags: dokuwiki }
     - { role: docker_etherpad, tags: etherpad }
     - { role: docker_gitlab, tags: gitlab }
     - { role: docker_hackmd, tags: hackmd }
     - { role: docker_jabber, tags: jabber }
-    - { role: docker_ldap, tags: ldap }
     - { role: docker_keycloak, tags: keycloak }
     - { role: docker_matterbridge, tags: matterbridge }
     - { role: docker_warpinfra, tags: warpinfra }