diff --git a/doc/Extensions/Authentication.md b/doc/Extensions/Authentication.md
index fa028796e0..d9fae8e467 100644
--- a/doc/Extensions/Authentication.md
+++ b/doc/Extensions/Authentication.md
@@ -156,12 +156,13 @@ If you set ```$config['auth_ad_require_groupmembership']``` to 1, the authentica
 
 ##### Sample configuration
 ```
-$config['auth_ad_url'] = "ldaps://";
+$config['auth_ad_url'] = "ldaps://"; // you can add multiple servers, separated by a space
 $config['auth_ad_domain'] = "";
 $config['auth_ad_base_dn'] = "";
 $config['auth_ad_check_certificates'] = true; // require a valid ssl certificate
 $config['auth_ad_binduser'] = 'examplebinduser';
 $config['auth_ad_bindpassword'] = 'examplepassword';
+$config['auth_ad_timeout'] = 5; // time to wait before giving up (or trying the next server)
 $config['auth_ad_debug'] = false; // enable for verbose debug messages
 $config['active_directory']['users_purge'] = 30; // purge users who haven't logged in for 30 days.
 $config['auth_ad_require_groupmembership'] = false; // require users to be members of a group listed below
diff --git a/html/includes/authentication/active_directory.inc.php b/html/includes/authentication/active_directory.inc.php
index 360b4ad5a4..bf056a8934 100644
--- a/html/includes/authentication/active_directory.inc.php
+++ b/html/includes/authentication/active_directory.inc.php
@@ -21,8 +21,7 @@ function init_auth()
 
     $ad_init = false; // this variable tracks if bind has been called so we don't call it multiple times
     $ldap_connection = @ldap_connect($config['auth_ad_url']);
-// disable referrals and force ldap version to 3
-
+    // disable referrals and force ldap version to 3
     ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, 0);
     ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
 }
@@ -452,21 +451,33 @@ function ad_bind($connection, $allow_anonymous = true, $force = false)
         return true; // bind already attempted
     }
 
+    // set timeout
+    ldap_set_option(
+        $connection,
+        LDAP_OPT_NETWORK_TIMEOUT,
+        isset($config['auth_ad_timeout']) ? isset($config['auth_ad_timeout']) : 5
+    );
+
     // With specified bind user
     if (isset($config['auth_ad_binduser'], $config['auth_ad_bindpassword'])) {
         $ad_init = true;
-        return ldap_bind(
+        $bind = ldap_bind(
             $connection,
             "${config['auth_ad_binduser']}@${config['auth_ad_domain']}",
             "${config['auth_ad_bindpassword']}"
         );
+        ldap_set_option($connection, LDAP_OPT_NETWORK_TIMEOUT, -1); // restore timeout
+        return $bind;
     }
 
+    $bind = false;
+
     // Anonymous
     if ($allow_anonymous) {
         $ad_init = true;
-        $bind = ldap_bind($connection);
+        $bind = ldap_bind($connection);
     }
 
-    return false;
+    ldap_set_option($connection, LDAP_OPT_NETWORK_TIMEOUT, -1); // restore timeout
+    return $bind;
 }
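Review bot: The configured timeout is never applied: in the added `ldap_set_option` call, the true branch of the ternary is `isset($config['auth_ad_timeout'])`, which evaluates to `true`, so whenever the key is set LDAP_OPT_NETWORK_TIMEOUT receives a boolean (coerced to 1) instead of the configured seconds, and the documented default of 5 is only used when the key is absent. Replace the expression with `(int) ($config['auth_ad_timeout'] ?? 5)` (or `isset($config['auth_ad_timeout']) ? (int) $config['auth_ad_timeout'] : 5` if the project still supports PHP before 7.0); the cast also guards against a string value coming from the config file. Because this option is what lets the bind fail over between the space-separated servers documented in the same commit, a one-second timeout can make every bind against a slow domain controller fail before the next server is tried, which locks users out rather than degrading gracefully. The body of ad_bind starts before this hunk, so the `global $config` declaration the new code relies on is not visible here; the two `// restore timeout` lines are also duplicated on separate return paths and would be easier to keep in sync as a single restore before one exit point.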