diff --git a/apps/user_ldap/appinfo/routes.php b/apps/user_ldap/appinfo/routes.php
index fae78b8982e30..a0e3ee1d4e2f3 100644
--- a/apps/user_ldap/appinfo/routes.php
+++ b/apps/user_ldap/appinfo/routes.php
@@ -23,14 +23,6 @@
 	->actionInclude('user_ldap/ajax/wizard.php');
 
 $application = new \OCP\AppFramework\App('user_ldap');
-$application->registerRoutes($this, [
-	'ocs' => [
-		['name' => 'ConfigAPI#create', 'url' => '/api/v1/config', 'verb' => 'POST'],
-		['name' => 'ConfigAPI#show',   'url' => '/api/v1/config/{configID}', 'verb' => 'GET'],
-		['name' => 'ConfigAPI#modify', 'url' => '/api/v1/config/{configID}', 'verb' => 'PUT'],
-		['name' => 'ConfigAPI#delete', 'url' => '/api/v1/config/{configID}', 'verb' => 'DELETE'],
-	]
-]);
 
 /** @var \OCA\User_LDAP\AppInfo\Application $application */
 $application = \OC::$server->query(\OCA\User_LDAP\AppInfo\Application::class);
diff --git a/apps/user_ldap/lib/Controller/ConfigAPIController.php b/apps/user_ldap/lib/Controller/ConfigAPIController.php
index 8ce2486c153ab..336bfc47524e3 100644
--- a/apps/user_ldap/lib/Controller/ConfigAPIController.php
+++ b/apps/user_ldap/lib/Controller/ConfigAPIController.php
@@ -12,7 +12,7 @@
 use OCA\User_LDAP\ConnectionFactory;
 use OCA\User_LDAP\Helper;
 use OCA\User_LDAP\Settings\Admin;
-use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\ApiRoute;
 use OCP\AppFramework\Http\Attribute\AuthorizedAdminSetting;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\AppFramework\OCS\OCSBadRequestException;
@@ -57,6 +57,7 @@ public function __construct(
 	 * 200: Config created successfully
 	 */
 	#[AuthorizedAdminSetting(settings: Admin::class)]
+	#[ApiRoute(verb: 'POST', url: '/api/v1/config')]
 	public function create() {
 		try {
 			$configPrefix = $this->ldapHelper->getNextServerConfigurationPrefix();
@@ -81,6 +82,7 @@ public function create() {
 	 * 200: Config deleted successfully
 	 */
 	#[AuthorizedAdminSetting(settings: Admin::class)]
+	#[ApiRoute(verb: 'DELETE', url: '/api/v1/config/{configID}')]
 	public function delete($configID) {
 		try {
 			$this->ensureConfigIDExists($configID);
@@ -110,6 +112,7 @@ public function delete($configID) {
 	 * 200: Config returned
 	 */
 	#[AuthorizedAdminSetting(settings: Admin::class)]
+	#[ApiRoute(verb: 'PUT', url: '/api/v1/config/{configID}')]
 	public function modify($configID, $configData) {
 		try {
 			$this->ensureConfigIDExists($configID);
@@ -214,6 +217,7 @@ public function modify($configID, $configData) {
 	 * 200: Config returned
 	 */
 	#[AuthorizedAdminSetting(settings: Admin::class)]
+	#[ApiRoute(verb: 'GET', url: '/api/v1/config/{configID}')]
 	public function show($configID, $showPassword = false) {
 		try {
 			$this->ensureConfigIDExists($configID);
diff --git a/apps/user_ldap/lib/Settings/Admin.php b/apps/user_ldap/lib/Settings/Admin.php
index 8fc0915c6fe42..c609a9e48de0a 100644
--- a/apps/user_ldap/lib/Settings/Admin.php
+++ b/apps/user_ldap/lib/Settings/Admin.php
@@ -8,19 +8,16 @@
 use OCA\User_LDAP\Configuration;
 use OCA\User_LDAP\Helper;
 use OCP\AppFramework\Http\TemplateResponse;
+use OCP\AppFramework\Services\IInitialState;
 use OCP\IL10N;
 use OCP\Settings\IDelegatedSettings;
 use OCP\Template;
 
 class Admin implements IDelegatedSettings {
-	/** @var IL10N */
-	private $l;
-
-	/**
-	 * @param IL10N $l
-	 */
-	public function __construct(IL10N $l) {
-		$this->l = $l;
+	public function __construct(
+		private IL10N $l,
+		private IInitialState $InitialState
+	) {
 	}
 
 	/**
@@ -44,6 +41,7 @@ public function getForm() {
 		$sControls = new Template('user_ldap', 'part.settingcontrols');
 		$sControls = $sControls->fetchPage();
 
+		// TODO: remove
 		$parameters['serverConfigurationPrefixes'] = $prefixes;
 		$parameters['serverConfigurationHosts'] = $hosts;
 		$parameters['settingControls'] = $sControls;
@@ -58,6 +56,22 @@ public function getForm() {
 			$parameters[$key . '_default'] = $default;
 		}
 
+		$ldapConfigs = [];
+		foreach ($prefixes as $prefix) {
+			$ldapConfig = new Configuration($prefix);
+			$rawLdapConfig = $ldapConfig->getConfiguration();
+			foreach ($rawLdapConfig as $key => $value) {
+				if (is_array($value)) {
+					$rawLdapConfig[$key] = implode(';', $value);
+				}
+			}
+
+			$ldapConfigs[$prefix] = $rawLdapConfig;
+		}
+
+		$this->InitialState->provideInitialState('ldapConfigs', $ldapConfigs);
+		$this->InitialState->provideInitialState('ldapModuleInstalled', function_exists('ldap_connect'));
+
 		return new TemplateResponse('user_ldap', 'settings', $parameters);
 	}
 
diff --git a/apps/user_ldap/src/LDAPSettingsApp.vue b/apps/user_ldap/src/LDAPSettingsApp.vue
new file mode 100644
index 0000000000000..1541566e4aa15
--- /dev/null
+++ b/apps/user_ldap/src/LDAPSettingsApp.vue
@@ -0,0 +1,21 @@
+<!--
+ - SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+ - SPDX-License-Identifier: AGPL-3.0-or-later
+ -->
+<template>
+	<Settings />
+</template>
+
+<script lang="ts">
+import { defineComponent } from 'vue'
+
+import Settings from './views/Settings.vue'
+
+export default defineComponent({
+	name: 'LDAPSettingsApp',
+
+	components: {
+		Settings,
+	},
+})
+</script>
diff --git a/apps/user_ldap/src/components/SettingsTabs/AdvancedTab.vue b/apps/user_ldap/src/components/SettingsTabs/AdvancedTab.vue
new file mode 100644
index 0000000000000..70635d76c527b
--- /dev/null
+++ b/apps/user_ldap/src/components/SettingsTabs/AdvancedTab.vue
@@ -0,0 +1,272 @@
+<!--
+ - SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+ - SPDX-License-Identifier: AGPL-3.0-or-later
+ -->
+<template>
+	<fieldset class="ldap-wizard__advanced">
+		<details open="true" name="ldap-wizard__advanced__section" class="ldap-wizard__advanced__section">
+			<summary><h3>{{ t('user_ldap', 'Connection Settings') }}</h3></summary>
+
+			<NcCheckboxRadioSwitch :checked="ldapConfig.ldapConfigurationActive === '1'"
+				:aria-label="t('user_ldap', 'When unchecked, this configuration will be skipped.')"
+				@update:checked="ldapConfig.ldapConfigurationActive = $event ? '1' : '0'">
+				{{ t('user_ldap', 'Configuration Active') }}
+			</NcCheckboxRadioSwitch>
+
+			<NcTextField autocomplete="off"
+				:label=" t('user_ldap', 'Backup (Replica) Host')"
+				:value.sync="ldapConfig.ldapBackupHost"
+				:helper-text="t('user_ldap', 'Give an optional backup host. It must be a replica of the main LDAP/AD server.')" />
+
+			<NcTextField type="number"
+				:value="ldapConfig.ldapBackupPort"
+				:label="t('user_ldap', 'Backup (Replica) Port') " />
+
+			<NcCheckboxRadioSwitch :checked="ldapConfig.ldapOverrideMainServer === '1'"
+				:aria-label="t('user_ldap', 'Only connect to the replica server.')"
+				@update:checked="ldapConfig.ldapOverrideMainServer = $event ? '1' : '0'">
+				{{ t('user_ldap', 'Disable Main Server') }}
+			</NcCheckboxRadioSwitch>
+
+			<NcCheckboxRadioSwitch :checked="ldapConfig.turnOffCertCheck === '1'"
+				:aria-label="t('user_ldap', 'Not recommended, use it for testing only! If connection only works with this option, import the LDAP server\'s SSL certificate in your {instanceName} server.', { instanceName })"
+				@update:checked="ldapConfig.turnOffCertCheck = $event ? '1' : '0'">
+				{{ t('user_ldap', 'Turn off SSL certificate validation.') }}
+			</NcCheckboxRadioSwitch>
+
+			<NcTextField type="number"
+				:label="t('user_ldap', 'Cache Time-To-Live')"
+				:value="ldapConfig.ldapCacheTTL"
+				:helper-text="t('user_ldap', 'in seconds. A change empties the cache.')" />
+		</details>
+
+		<details name="ldap-wizard__advanced__section" class="ldap-wizard__advanced__section">
+			<summary><h3>{{ t('user_ldap', 'Directory Settings') }}</h3></summary>
+
+			<NcTextField autocomplete="off"
+				:value.sync="ldapConfig.ldapUserDisplayName"
+				:label="t('user_ldap', 'User Display Name Field')"
+				:helper-text="t('user_ldap', 'The LDAP attribute to use to generate the user\'s display name.')" />
+
+			<NcTextField autocomplete="off"
+				:value.sync="ldapConfig.ldapUserDisplayName2"
+				:label="t('user_ldap', '2nd User Display Name Field')"
+				:helper-text="t('user_ldap', 'Optional. An LDAP attribute to be added to the display name in brackets. Results in e.g. »John Doe (john.doe@example.org)«.')" />
+
+			<NcTextArea :value.sync="ldapConfig.ldapBaseUsers"
+				:placeholder="t('user_ldap', 'One User Base DN per line')"
+				:label="t('user_ldap', 'Base User Tree')" />
+
+			<NcTextArea :value.sync="ldapConfig.ldapAttributesForUserSearch"
+				:placeholder="t('user_ldap', 'Optional; one attribute per line')"
+				:label="t('user_ldap', 'Base User Tree')"
+				:helper-text="t('user_ldap', 'User Search Attributes')" />
+
+			<NcCheckboxRadioSwitch :checked="ldapConfig.markRemnantsAsDisabled === '1'"
+				:aria-label="t('user_ldap', 'When switched on, users imported from LDAP which are then missing will be disabled')"
+				@update:checked="ldapConfig.markRemnantsAsDisabled = $event ? '1' : '0'">
+				{{ t('user_ldap', 'Disable users missing from LDAP') }}
+			</NcCheckboxRadioSwitch>
+
+			<NcTextField autocomplete="off"
+				:value.sync="ldapConfig.ldapGroupDisplayName"
+				:label="t('user_ldap', 'Group Display Name Field')"
+				:title="t('user_ldap', 'The LDAP attribute to use to generate the groups\'s display name.')" />
+
+			<NcTextArea :value.sync="ldapConfig.ldapBaseGroups"
+				:placeholder="t('user_ldap', 'One Group Base DN per line')"
+				:label="t('user_ldap', 'Base Group Tree')" />
+
+			<NcTextArea :value.sync="ldapConfig.ldapAttributesForGroupSearch"
+				:placeholder="t('user_ldap', 'Optional; one attribute per line')"
+				:label="t('user_ldap', 'Group Search Attributes')" />
+
+			<!-- TODO -->
+			<!-- <label for="ldap_group_member_assoc_attribute">{{ t('user_ldap', 'Group-Member association') }}</label>
+			<select id="ldap_group_member_assoc_attribute" :value="ldapConfig.ldapGroupMemberAssocAttribute">
+				<option value="uniqueMember" :selected="ldap_group_member_assoc_attribute === 'uniqueMember'">
+					{{ t('user_ldap', 'uniqueMember') }}
+				</option>
+				<option value="memberUid" :selected="ldap_group_member_assoc_attribute === 'memberUid'">
+					{{ t('user_ldap', 'memberUid') }}
+				</option>
+				<option value="member" :selected="ldap_group_member_assoc_attribute === 'member'">
+					{{ t('user_ldap', 'member (AD)') }}
+				</option>
+				<option value="gidNumber" :selected="ldap_group_member_assoc_attribute === 'gidNumber'">
+					{{ t('user_ldap', 'gidNumber') }}
+				</option>
+				<option value="zimbraMailForwardingAddress"
+					:selected="ldap_group_member_assoc_attribute === 'zimbraMailForwardingAddress'">
+					{{ t('user_ldap', 'zimbraMailForwardingAddress') }}
+				</option>
+			</select> -->
+
+			<NcTextField autocomplete="off"
+				:label="t('user_ldap', 'Dynamic Group Member URL')"
+				:value.sync="ldapConfig.ldapDynamicGroupMemberURL"
+				:helper-text="t('user_ldap', 'The LDAP attribute that on group objects contains an LDAP search URL that determines what objects belong to the group. (An empty setting disables dynamic group membership functionality.)')" />
+
+			<NcCheckboxRadioSwitch :checked="ldapConfig.ldapNestedGroups === '1'"
+				:aria-label="t('user_ldap', 'When switched on, groups that contain groups are supported. (Only works if the group member attribute contains DNs.)')"
+				@update:checked="ldapConfig.ldapNestedGroups = $event ? '1' : '0'">
+				{{ t('user_ldap', 'Nested Groups') }}
+			</NcCheckboxRadioSwitch>
+
+			<NcTextField type="number"
+				:label="t('user_ldap', 'Paging chunksize')"
+				:value.sync="ldapConfig.ldapPagingSize"
+				:helper-text="t('user_ldap', 'Chunksize used for paged LDAP searches that may return bulky results like user or group enumeration. (Setting it 0 disables paged LDAP searches in those situations.)')" />
+
+			<NcCheckboxRadioSwitch :checked="ldapConfig.turnOnPasswordChange === '1'"
+				:aria-label="t('user_ldap', 'Allow LDAP users to change their password and allow Super Administrators and Group Administrators to change the password of their LDAP users. Only works when access control policies are configured accordingly on the LDAP server. As passwords are sent in plaintext to the LDAP server, transport encryption must be used and password hashing should be configured on the LDAP server.')"
+				@update:checked="ldapConfig.turnOnPasswordChange = $event ? '1' : '0'">
+				{{ t('user_ldap', 'Enable LDAP password changes per user') }}
+			</NcCheckboxRadioSwitch>
+			<span class="tablecell">
+				{{ t('user_ldap', '(New password is sent as plain text to LDAP)') }}
+			</span>
+
+			<NcTextField autocomplete="off"
+				:label="t('user_ldap', 'Default password policy DN')"
+				:value.sync="ldapConfig.ldapDefaultPPolicyDN"
+				:helper-text="t('user_ldap', 'The DN of a default password policy that will be used for password expiry handling. Works only when LDAP password changes per user are enabled and is only supported by OpenLDAP. Leave empty to disable password expiry handling.')" />
+		</details>
+
+		<details name="ldap-wizard__advanced__section" class="ldap-wizard__advanced__section">
+			<summary><h3>{{ t('user_ldap', 'Special Attributes') }}</h3></summary>
+
+			<NcTextField autocomplete="off"
+				:value.sync="ldapConfig.ldapQuotaAttribute"
+				:label="t('user_ldap', 'Quota Field')"
+				:helper-text="t('user_ldap', 'Leave empty for user\'s default quota. Otherwise, specify an LDAP/AD attribute.')" />
+
+			<NcTextField autocomplete="off"
+				:value.sync="ldapConfig.ldapQuotaDefault"
+				:label="t('user_ldap', 'Quota Default')"
+				:helper-text="t('user_ldap', 'Override default quota for LDAP users who do not have a quota set in the Quota Field.')" />
+
+			<NcTextField autocomplete="off"
+				:value.sync="ldapConfig.ldapEmailAttribute"
+				:label="t('user_ldap', 'Email Field')"
+				:helper-text="t('user_ldap', 'Set the user\'s email from their LDAP attribute. Leave it empty for default behaviour.')" />
+
+			<NcTextField autocomplete="off"
+				:label="t('user_ldap', 'User Home Folder Naming Rule')"
+				:value.sync="ldapConfig.homeFolderNamingRule"
+				:helper-text="t('user_ldap', 'Leave empty for username (default). Otherwise, specify an LDAP/AD attribute.')" />
+
+			<NcTextField autocomplete="off"
+				:label="t('user_ldap', '`$home` Placeholder Field')"
+				:value.sync="ldapConfig.ldapExtStorageHomeAttribute"
+				:helper-text="t('user_ldap', '$home in an external storage configuration will be replaced with the value of the specified attribute')" />
+		</details>
+
+		<details name="ldap-wizard__advanced__section" class="ldap-wizard__advanced__section">
+			<summary><h3>{{ t('user_ldap', 'User Profile Attributes') }}</h3></summary>
+
+			<NcTextField autocomplete="off"
+				:label="t('user_ldap', 'Phone Field')"
+				:value.sync="ldapConfig.ldapAttributePhone"
+				:helper-text="t('user_ldap', 'User profile Phone will be set from the specified attribute')" />
+
+			<NcTextField autocomplete="off"
+				:label="t('user_ldap', 'Website Field')"
+				:value.sync="ldapConfig.ldapAttributeWebsite"
+				:helper-text="t('user_ldap', 'User profile Website will be set from the specified attribute')" />
+
+			<NcTextField autocomplete="off"
+				:label="t('user_ldap', 'Address Field')"
+				:value.sync="ldapConfig.ldapAttributeAddress"
+				:helper-text="t('user_ldap', 'User profile Address will be set from the specified attribute')" />
+
+			<NcTextField autocomplete="off"
+				:label="t('user_ldap', 'Twitter Field')"
+				:value.sync="ldapConfig.ldapAttributeTwitter"
+				:helper-text="t('user_ldap', 'User profile Twitter will be set from the specified attribute')" />
+
+			<NcTextField autocomplete="off"
+				:label="t('user_ldap', 'Fediverse Field')"
+				:value.sync="ldapConfig.ldapAttributeFediverse"
+				:helper-text="t('user_ldap', 'User profile Fediverse will be set from the specified attribute')" />
+
+			<NcTextField autocomplete="off"
+				:label="t('user_ldap', 'Organisation Field')"
+				:value.sync="ldapConfig.ldapAttributeOrganisation"
+				:helper-text="t('user_ldap', 'User profile Organisation will be set from the specified attribute')" />
+
+			<NcTextField autocomplete="off"
+				:label="t('user_ldap', 'Role Field')"
+				:value.sync="ldapConfig.ldapAttributeRole"
+				:helper-text="t('user_ldap', 'User profile Role will be set from the specified attribute')" />
+
+			<NcTextField autocomplete="off"
+				:label="t('user_ldap', 'Headline Field')"
+				:value.sync="ldapConfig.ldapAttributeHeadline"
+				:helper-text="t('user_ldap', 'User profile Headline will be set from the specified attribute')" />
+
+			<NcTextField autocomplete="off"
+				:label="t('user_ldap', 'Biography Field')"
+				:value.sync="ldapConfig.ldapAttributeBiography"
+				:helper-text="t('user_ldap', 'User profile Biography will be set from the specified attribute')" />
+
+			<NcTextField autocomplete="off"
+				:label="t('user_ldap', 'Birthdate Field')"
+				:value.sync="ldapConfig.ldapAttributeBirthDate"
+				:helper-text="t('user_ldap', 'User profile Date of birth will be set from the specified attribute')" />
+		</details>
+	</fieldset>
+</template>
+
+<script lang="ts" setup>
+import { storeToRefs } from 'pinia'
+
+import { t } from '@nextcloud/l10n'
+import { NcTextField, NcTextArea, NcCheckboxRadioSwitch } from '@nextcloud/vue'
+import { getCapabilities } from '@nextcloud/capabilities'
+
+import { useLDAPConfigsStore } from '../../store/configs'
+
+const ldapConfigsStore = useLDAPConfigsStore()
+const { selectedConfig: ldapConfig } = storeToRefs(ldapConfigsStore)
+
+const instanceName = (getCapabilities() as { theming: { name:string } }).theming.name
+</script>
+<style lang="scss" scoped>
+.ldap-wizard__advanced {
+	display: flex;
+	flex-direction: column;
+	gap: 16px;
+
+	&__section {
+		display: flex;
+		flex-direction: column;
+		border: 1px solid var(--color-text-lighter);
+		border-radius: var(--border-radius);
+		padding: 8px;
+
+		& > * {
+			margin-top: 12px !important;
+		}
+
+		summary {
+			margin-top: 0 !important;
+
+			h3 {
+				margin: 0;
+				display: inline;
+				cursor: pointer;
+				color: var(--color-text-lighter);
+				font-size: 16px;
+
+			}
+		}
+
+		&:hover, &[open] {
+			h3 {
+				color: var(--color-text-light);
+			}
+		}
+	}
+}
+</style>
diff --git a/apps/user_ldap/src/components/SettingsTabs/ExpertTab.vue b/apps/user_ldap/src/components/SettingsTabs/ExpertTab.vue
new file mode 100644
index 0000000000000..b1896208cadfc
--- /dev/null
+++ b/apps/user_ldap/src/components/SettingsTabs/ExpertTab.vue
@@ -0,0 +1,55 @@
+<!--
+ - SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+ - SPDX-License-Identifier: AGPL-3.0-or-later
+ -->
+<template>
+	<fieldset class="ldap-wizard__expert">
+		<div class="ldap-wizard__expert__line">
+			<strong>{{ t('user_ldap', 'Internal Username') }}</strong>
+			<label for="ldap_expert_username_attr">{{ t('user_ldap', 'By default the internal username will be created from the UUID attribute. It makes sure that the username is unique and characters do not need to be converted. The internal username has the restriction that only these characters are allowed: [a-zA-Z0-9_.@-]. Other characters are replaced with their ASCII correspondence or simply omitted. On collisions a number will be added/increased. The internal username is used to identify a user internally. It is also the default name for the user home folder. It is also a part of remote URLs, for instance for all DAV services. With this setting, the default behavior can be overridden. Changes will have effect only on newly mapped (added) LDAP users. Leave it empty for default behavior.') }}</label>
+			<NcTextField id="ldap_expert_username_attr"
+				autocomplete="off"
+				:label="t('user_ldap', 'Internal Username Attribute:')"
+				:value.sync="ldapConfig.ldapExpertUsernameAttr"
+				:label-outside="true" />
+		</div>
+
+		<div class="ldap-wizard__expert__line">
+			<strong>{{ t('user_ldap', 'Override UUID detection') }}</strong>
+			<label for="ldap_expert_uuid_user_attr">{{ t('user_ldap', 'By default, the UUID attribute is automatically detected. The UUID attribute is used to doubtlessly identify LDAP users and groups. Also, the internal username will be created based on the UUID, if not specified otherwise above. You can override the setting and pass an attribute of your choice. You must make sure that the attribute of your choice can be fetched for both users and groups and it is unique. Leave it empty for default behavior. Changes will have effect only on newly mapped (added) LDAP users and groups.') }}</label>
+			<NcTextField id="ldap_expert_uuid_user_attr"
+				autocomplete="off"
+				:label="t('user_ldap', 'UUID Attribute for Users')"
+				:value.sync="ldapConfig.ldapExpertUUIDUserAttr" />
+			<NcTextField autocomplete="off"
+				:label="t('user_ldap', 'UUID Attribute for Groups')"
+				:value.sync="ldapConfig.ldapExpertUUIDGroupAttr" />
+		</div>
+	</fieldset>
+</template>
+
+<script lang="ts" setup>
+import { storeToRefs } from 'pinia'
+
+import { t } from '@nextcloud/l10n'
+import { NcTextField } from '@nextcloud/vue'
+
+import { useLDAPConfigsStore } from '../../store/configs'
+
+const ldapConfigsStore = useLDAPConfigsStore()
+const { selectedConfig: ldapConfig } = storeToRefs(ldapConfigsStore)
+</script>
+<style lang="scss" scoped>
+.ldap-wizard__expert {
+	display: flex;
+	flex-direction: column;
+	gap: 16px;
+
+	&__line {
+		display: flex;
+		flex-direction: column;
+		padding-left: 32px;
+		gap: 4px;
+	}
+}
+</style>
diff --git a/apps/user_ldap/src/components/SettingsTabs/GroupsTab.vue b/apps/user_ldap/src/components/SettingsTabs/GroupsTab.vue
new file mode 100644
index 0000000000000..c99e4f763437e
--- /dev/null
+++ b/apps/user_ldap/src/components/SettingsTabs/GroupsTab.vue
@@ -0,0 +1,152 @@
+<!--
+ - SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+ - SPDX-License-Identifier: AGPL-3.0-or-later
+ -->
+<template>
+	<fieldset class="ldap-wizard__groups">
+		{{ t('user_ldap', 'Groups meeting these criteria are available in {instanceName}:', {instanceName}) }}
+
+		<div class="ldap-wizard__groups__line ldap-wizard__groups__filter-selection">
+			<NcSelect v-model="ldapConfig.ldapGroupFilterObjectclass"
+				class="ldap-wizard__groups__group-filter-groups__select"
+				:options="['TODO']"
+				:disable="allowUserFilterGroupsSelection"
+				:input-label="t('user_ldap', 'Only these object classes:')"
+				:multiple="true" />
+
+			<!-- <input type="text" class="ldapManyGroupsSupport ldapManyGroupsSearch hidden" placeholder="t('user_ldap', 'Search groups')"> -->
+			<NcSelect v-model="ldapConfig.ldapGroupFilterObjectclass"
+				class="ldap-wizard__groups__group-filter-groups__select"
+				:options="['TODO']"
+				:disable="allowUserFilterGroupsSelection"
+				:input-label="t('user_ldap', 'Only from these groups:')"
+				:multiple="true" />
+		</div>
+
+		<!-- TODO -->
+		<div class="ldap-wizard__groups__line">
+			<p class="ldapManyGroupsSupport hidden">
+				<select class="ldapGroupList ldapGroupListAvailable"
+					:multiple="true"
+					aria-describedby="ldapGroupListAvailable_instructions"
+					title="t('user_ldap', 'Available groups')" />
+			</p>
+			<p id="ldapGroupListAvailable_instructions" class="hidden-visually">
+				{{ t('user_ldap', 'Available groups') }}
+			</p>
+
+			<span>
+				<NcButton class="ldapGroupListSelect">&gt;</NcButton><br>
+				<NcButton class="ldapGroupListDeselect">&lt;</NcButton>
+			</span>
+
+			<select class="ldapGroupList ldapGroupListSelected"
+				:multiple="true"
+				aria-describedby="ldapGroupListSelected_instructions"
+				title="t('user_ldap', 'Selected groups')" />
+			<p id="ldapGroupListSelected_instructions" class="hidden-visually">
+				{{ t('user_ldap', 'Selected groups') }}
+			</p>
+		</div>
+
+		<div class="ldap-wizard__groups__line ldap-wizard__groups__groups-filter">
+			<NcCheckboxRadioSwitch :checked="ldapConfig.ldapGroupFilterMode === '1'"
+				@update:checked="toggleFilterMode">
+				{{ t('user_name', 'Edit LDAP Query') }}
+			</NcCheckboxRadioSwitch>
+
+			<div v-if="ldapConfig.ldapGroupFilterMode === '0'">
+				<label>{{ t('user_name', 'LDAP Filter:') }}</label>
+				<code>{{ ldapConfig.ldapGroupFilter }}</code>
+			</div>
+			<div v-else>
+				<NcTextArea :value.sync="ldapConfig.ldapGroupFilter"
+					:placeholder="t('user_name', 'Edit LDAP Query')"
+					:helper-text="t('user_name', 'The filter specifies which LDAP groups shall have access to the {instanceName} instance.', {instanceName})" />
+			</div>
+		</div>
+
+		<div class="ldap-wizard__groups__line ldap-wizard__groups__groups-count-check">
+			<NcButton @click="countGroups">
+				{{ t('user_ldap', 'Verify settings and count the groups') }}
+			</NcButton>
+
+			<span v-if="groupsCount !== undefined">{{ t('user_ldap', "Groups count: {groupsCount}", { groupsCount }) }}</span>
+		</div>
+	</fieldset>
+</template>
+
+<script lang="ts" setup>
+import { ref } from 'vue'
+import { storeToRefs } from 'pinia'
+
+import { t } from '@nextcloud/l10n'
+import { NcButton, NcTextArea, NcCheckboxRadioSwitch, NcSelect } from '@nextcloud/vue'
+import { getCapabilities } from '@nextcloud/capabilities'
+
+import { useLDAPConfigsStore } from '../../store/configs'
+import { showEnableAutomaticFilterInfo } from '../../services/ldapConfigService'
+import { useWizardStore } from '../../store/wizard'
+
+const ldapConfigsStore = useLDAPConfigsStore()
+const wizardStore = useWizardStore()
+const { selectedConfig: ldapConfig } = storeToRefs(ldapConfigsStore)
+
+const instanceName = (getCapabilities() as { theming: { name:string } }).theming.name
+
+const groupsCount = ref<number|undefined>(undefined)
+const allowUserFilterGroupsSelection = ref(false)
+
+/**
+ *
+ */
+async function countGroups() {
+	const { changes: { ldap_test_base: ldapTestBase } } = await wizardStore.callWizardAction('countGroups')
+	groupsCount.value = ldapTestBase
+}
+
+/**
+ *
+ * @param value
+ */
+async function toggleFilterMode(value: boolean) {
+	if (value) {
+		ldapConfig.value.ldapGroupFilterMode = '1'
+	} else {
+		ldapConfig.value.ldapGroupFilterMode = await showEnableAutomaticFilterInfo()
+	}
+}
+</script>
+<style lang="scss" scoped>
+.ldap-wizard__groups {
+	display: flex;
+	flex-direction: column;
+	gap: 16px;
+
+	&__line {
+		display: flex;
+		align-items: start;
+	}
+
+	&__filter-selection {
+		flex-direction: column;
+	}
+
+	&__groups-filter {
+		display: flex;
+		flex-direction: column;
+
+		code {
+			background-color: var(--color-background-dark);
+			padding: 4px;
+			border-radius: 4px;
+		}
+	}
+
+	&__groups-count-check {
+		display: flex;
+		align-items: center;
+		gap: 16px;
+	}
+}
+</style>
diff --git a/apps/user_ldap/src/components/SettingsTabs/LoginTab.vue b/apps/user_ldap/src/components/SettingsTabs/LoginTab.vue
new file mode 100644
index 0000000000000..7c0a7ca2f1407
--- /dev/null
+++ b/apps/user_ldap/src/components/SettingsTabs/LoginTab.vue
@@ -0,0 +1,175 @@
+<!--
+ - SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+ - SPDX-License-Identifier: AGPL-3.0-or-later
+ -->
+<template>
+	<fieldset class="ldap-wizard__login">
+		{{ t('user_ldap', 'When logging in, {instanceName} will find the user based on the following attributes:', { instanceName }) }}
+
+		<div class="ldap-wizard__login__line ldap-wizard__login__login-attributes">
+			<NcCheckboxRadioSwitch :disabled="ldapConfig.ldapLoginFilterMode === '1'"
+				:checked="ldapConfig.ldapLoginFilterUsername === '1'"
+				:aria-label="t('user_ldap', 'Allows login against the LDAP/AD username, which is either `uid` or `sAMAccountName` and will be detected.')"
+				@update:checked="ldapConfig.ldapLoginFilterUsername = $event ? '1' : '0'">
+				{{ t('user_ldap', 'LDAP/AD Username') }}
+			</NcCheckboxRadioSwitch>
+
+			<NcCheckboxRadioSwitch :disabled="ldapConfig.ldapLoginFilterMode === '1'"
+				:checked="ldapConfig.ldapLoginFilterEmail === '1'"
+				:aria-label="t('user_ldap', 'Allows login against an email attribute. `mail` and `mailPrimaryAddress` allowed.')"
+				@update:checked="ldapConfig.ldapLoginFilterEmail = $event ? '1' : '0'">
+				{{ t('user_ldap', 'LDAP/AD Email Address') }}
+			</NcCheckboxRadioSwitch>
+
+			<NcSelect :value="selectedLoginFilterAttributes"
+				:close-on-select="false"
+				:disabled="ldapConfig.ldapLoginFilterMode === '1'"
+				:options="filteredLoginFilterOptions"
+				:input-label="t('user_ldap', 'Other Attributes:')"
+				:multiple="true"
+				@input="updateLoginFilterAttributes" />
+		</div>
+
+		<div class="ldap-wizard__login__line ldap-wizard__login__user-login-filter">
+			<NcCheckboxRadioSwitch :checked="ldapConfig.ldapLoginFilterMode === '1'"
+				@update:checked="toggleFilterMode">
+				{{ t('user_name', 'Edit LDAP Query') }}
+			</NcCheckboxRadioSwitch>
+
+			<div v-if="ldapConfig.ldapLoginFilterMode === '0'">
+				<label>{{ t('user_name', 'LDAP Filter:') }}</label>
+				<code>{{ ldapConfig.ldapLoginFilter }}</code>
+			</div>
+			<div v-else>
+				<NcTextArea :value.sync="ldapConfig.ldapLoginFilter"
+					:placeholder="t('user_name', 'Edit LDAP Query')"
+					:helper-text="t('user_name', 'Defines the filter to apply, when login is attempted. `%%uid` replaces the username in the login action. Example: `uid=%%uid`')" />
+			</div>
+		</div>
+
+		<div class="ldap-wizard__login__line">
+			<NcTextField :value.sync="testUsername"
+				:helper-text="t('user_ldap', 'Attempts to receive a DN for the given login name and the current login filter')"
+				:placeholder="t('user_ldap', 'Test Login name')"
+				autocomplete="off" />
+
+			<NcButton :disabled="enableVerifyButton"
+				@click="verifyLoginName">
+				{{ t('user_ldap', 'Verify settings') }}
+			</NcButton>
+		</div>
+	</fieldset>
+</template>
+
+<script lang="ts" setup>
+import { computed, ref } from 'vue'
+import { storeToRefs } from 'pinia'
+
+import { t } from '@nextcloud/l10n'
+import { NcButton, NcTextField, NcTextArea, NcCheckboxRadioSwitch, NcSelect } from '@nextcloud/vue'
+import { getCapabilities } from '@nextcloud/capabilities'
+import { showError, showSuccess } from '@nextcloud/dialogs'
+
+import { useLDAPConfigsStore } from '../../store/configs'
+import { useWizardStore } from '../../store/wizard'
+import { showEnableAutomaticFilterInfo } from '../../services/ldapConfigService'
+
+const ldapConfigsStore = useLDAPConfigsStore()
+const wizardStore = useWizardStore()
+
+const { selectedConfig: ldapConfig } = storeToRefs(ldapConfigsStore)
+
+const instanceName = (getCapabilities() as { theming: { name:string } }).theming.name
+const testUsername = ref('')
+const enableVerifyButton = ref(false)
+
+const loginFilterOptions = ref<string[]>([])
+const selectedLoginFilterAttributes = computed(() => ldapConfig.value.ldapLoginFilterAttributes.split(';'))
+const filteredLoginFilterOptions = computed(() => loginFilterOptions.value.filter((option) => !selectedLoginFilterAttributes.value.includes(option)))
+wizardStore.callWizardAction('determineAttributes')
+	.then(({ options }) => { loginFilterOptions.value = options.ldap_loginfilter_attributes })
+
+/**
+ *
+ * @param value
+ */
+function updateLoginFilterAttributes(value) {
+	ldapConfig.value.ldapLoginFilterAttributes = value.join(';')
+}
+
+/**
+ *
+ */
+async function verifyLoginName() {
+	try {
+		const { changes: { ldap_test_loginname: testLoginName, ldap_test_effective_filter: testEffectiveFilter } } = await wizardStore.callWizardAction('testLoginName', { ldap_test_loginname: testUsername.value })
+
+		if (testLoginName < 1) {
+			showSuccess(t('user_ldap', 'User not found. Please check your login attributes and username. Effective filter (to copy-and-paste for command-line validation): {filter}', { filter: testEffectiveFilter }))
+		} else if (testLoginName === 1) {
+			showSuccess(t('user_ldap', 'User found and settings verified.'))
+		} else if (testLoginName > 1) {
+			showSuccess(t('user_ldap', 'Consider narrowing your search, as it encompassed many users, only the first one of whom will be able to log in.'))
+		}
+	} catch (error) {
+		const message = error ?? t('user_ldap', 'An unspecified error occurred. Please check log and settings.')
+
+		switch (message) {
+		case 'Bad search filter':
+			showError(t('user_ldap', 'The search filter is invalid, probably due to syntax issues like uneven number of opened and closed brackets. Please revise.'))
+			break
+		case 'connection error':
+			showError(t('user_ldap', 'A connection error to LDAP/AD occurred. Please check host, port and credentials.'))
+			break
+		case 'missing placeholder':
+			showError(t('user_ldap', 'The "%uid" placeholder is missing. It will be replaced with the login name when querying LDAP/AD.'))
+			break
+		}
+	}
+}
+
+/**
+ *
+ * @param value
+ */
+async function toggleFilterMode(value: boolean) {
+	if (value) {
+		ldapConfig.value.ldapLoginFilterMode = '1'
+	} else {
+		ldapConfig.value.ldapLoginFilterMode = await showEnableAutomaticFilterInfo()
+	}
+}
+</script>
+<style lang="scss" scoped>
+.ldap-wizard__login {
+	display: flex;
+	flex-direction: column;
+	gap: 16px;
+
+	button {
+		flex-shrink: 0;
+	}
+
+	&__line {
+		display: flex;
+		align-items: start;
+		gap: 8px;
+	}
+
+	&__login-attributes {
+		display: flex;
+		flex-direction: column;
+	}
+
+	&__user-login-filter {
+		display: flex;
+		flex-direction: column;
+
+		code {
+			background-color: var(--color-background-dark);
+			padding: 4px;
+			border-radius: 4px;
+		}
+	}
+}
+</style>
diff --git a/apps/user_ldap/src/components/SettingsTabs/ServerTab.vue b/apps/user_ldap/src/components/SettingsTabs/ServerTab.vue
new file mode 100644
index 0000000000000..f785dbe38c6f3
--- /dev/null
+++ b/apps/user_ldap/src/components/SettingsTabs/ServerTab.vue
@@ -0,0 +1,162 @@
+<!--
+ - SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+ - SPDX-License-Identifier: AGPL-3.0-or-later
+ -->
+<template>
+	<fieldset class="ldap-wizard__server">
+		<div class="ldap-wizard__server__line">
+			<NcButton :aria-label="t('user_ldap', 'Copy current configuration into new directory binding')"
+				@click="() => ldapConfigsStore.copyConfig(ldapConfigId)">
+				<template #icon>
+					<ContentCopy :size="20" />
+				</template>
+			</NcButton>
+			<NcButton type="error"
+				:aria-label="t('user_ldap', 'Delete the current configuration')"
+				@click="() => ldapConfigsStore.removeConfig(ldapConfigId)">
+				<template #icon>
+					<Delete :size="20" />
+				</template>
+			</NcButton>
+		</div>
+
+		<div class="ldap-wizard__server__line">
+			<NcTextField :value.sync="ldapConfig.ldapHost"
+				:helper-text="t('user_ldap', 'You can omit the protocol, unless you require SSL. If so, start with ldaps://')"
+				:placeholder="t('user_ldap', 'Host')"
+				autocomplete="off" />
+			<div class="ldap-wizard__server__host__port">
+				<NcTextField :value.sync="ldapConfig.ldapPort"
+					:placeholder="t('user_ldap', 'Port')"
+					type="number"
+					autocomplete="off" />
+				<NcButton :disabled="currentWizardActions.includes('guessPortAndTLS')" @click="guessPortAndTLS">
+					{{ t('user_ldap', 'Detect Port') }}
+				</NcButton>
+			</div>
+		</div>
+
+		<div class="ldap-wizard__server__line">
+			<NcTextField :value.sync="localLdapAgentName"
+				:helper-text="t('user_ldap', 'The DN of the client user with which the bind shall be done, e.g. uid=agent,dc=example,dc=com. For anonymous access, leave DN and Password empty.')"
+				:placeholder="t('user_ldap', 'User DN')"
+				autocomplete="off" />
+		</div>
+
+		<div class="ldap-wizard__server__line">
+			<NcTextField type="password"
+				:helper-text="t('user_ldap', 'For anonymous access, leave DN and Password empty.')"
+				:value.sync="localLdapAgentPassword"
+				:placeholder="t('user_ldap', 'Password')"
+				autocomplete="off" />
+
+			<NcButton :disabled="!needsToSaveCredentials" @click="updateCredentials">
+				{{ t('user_ldap', 'Save Credentials') }}
+			</NcButton>
+		</div>
+
+		<div class="ldap-wizard__server__line">
+			<NcTextArea :label="t('user_ldap', 'Base DN')"
+				:value.sync="ldapConfig.ldapBase"
+				:placeholder="t('user_ldap', 'One Base DN per line')"
+				:helper-text="t('user_ldap', 'You can specify Base DN for users and groups in the Advanced tab')" />
+
+			<NcButton :disabled="currentWizardActions.includes('guessBaseDN')" @click="guessBaseDN">
+				{{ t('user_ldap', 'Detect Base DN') }}
+			</NcButton>
+			<NcButton :disabled="currentWizardActions.includes('countInBaseDN')" @click="countInBaseDN">
+				{{ t('user_ldap', 'Test Base DN') }}
+			</NcButton>
+		</div>
+
+		<div class="ldap-wizard__server__line">
+			<NcCheckboxRadioSwitch :checked="ldapConfig.ldapExperiencedAdmin === '1'"
+				:aria-label="t('user_ldap', 'Avoids automatic LDAP requests. Better for bigger setups, but requires some LDAP knowledge.')"
+				@update:checked="ldapConfig.ldapExperiencedAdmin = $event ? '1' : '0'">
+				{{ t('user_ldap', 'Manually enter LDAP filters (recommended for large directories)') }}
+			</NcCheckboxRadioSwitch>
+		</div>
+	</fieldset>
+</template>
+
+<script lang="ts" setup>
+import { computed, ref } from 'vue'
+import { storeToRefs } from 'pinia'
+
+import ContentCopy from 'vue-material-design-icons/ContentCopy.vue'
+import Delete from 'vue-material-design-icons/Delete.vue'
+
+import { t } from '@nextcloud/l10n'
+import { NcButton, NcTextField, NcTextArea, NcCheckboxRadioSwitch } from '@nextcloud/vue'
+
+import { useLDAPConfigsStore } from '../../store/configs'
+import { showInfo } from '@nextcloud/dialogs'
+import { useWizardStore } from '../../store/wizard'
+
+const ldapConfigsStore = useLDAPConfigsStore()
+const { selectedConfigId: ldapConfigId, selectedConfig: ldapConfig } = storeToRefs(ldapConfigsStore)
+const { currentWizardActions, callWizardAction } = useWizardStore()
+
+const localLdapAgentName = ref(ldapConfig.value.ldapAgentName)
+const localLdapAgentPassword = ref(ldapConfig.value.ldapAgentPassword)
+const needsToSaveCredentials = computed(() => {
+	return ldapConfig.value.ldapAgentName !== localLdapAgentName.value || ldapConfig.value.ldapAgentPassword !== localLdapAgentPassword.value
+})
+
+/**
+ *
+ */
+function updateCredentials() {
+	ldapConfig.value.ldapAgentName = localLdapAgentName.value
+	ldapConfig.value.ldapAgentPassword = localLdapAgentPassword.value
+}
+
+/**
+ *
+ */
+async function guessPortAndTLS() {
+	const { changes: { ldap_port: ldapPort } } = await callWizardAction('guessPortAndTLS')
+	ldapConfig.value.ldapPort = String(ldapPort)
+}
+
+/**
+ *
+ */
+async function guessBaseDN() {
+	const { changes: { ldap_base: ldapBase } } = await callWizardAction('guessBaseDN')
+	ldapConfig.value.ldapBase = ldapBase
+}
+
+/**
+ *
+ */
+async function countInBaseDN() {
+	const { changes: { ldap_test_base: ldapTestBase } } = await callWizardAction('countInBaseDN')
+	showInfo(t('user_ldap', 'Found {count} users in the given Base DN.', { count: ldapTestBase }))
+}
+
+</script>
+<style lang="scss" scoped>
+.ldap-wizard__server {
+	display: flex;
+	flex-direction: column;
+	gap: 16px;
+
+	button {
+		flex-shrink: 0;
+	}
+
+	&__line {
+		display: flex;
+		align-items: start;
+		gap: 16px;
+	}
+
+	&__host__port {
+		display: flex;
+		align-items: center;
+		flex-shrink: 0;
+		gap: 16px;
+	}
+}
+</style>
diff --git a/apps/user_ldap/src/components/SettingsTabs/UsersTab.vue b/apps/user_ldap/src/components/SettingsTabs/UsersTab.vue
new file mode 100644
index 0000000000000..44c2f6264432b
--- /dev/null
+++ b/apps/user_ldap/src/components/SettingsTabs/UsersTab.vue
@@ -0,0 +1,185 @@
+<!--
+ - SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+ - SPDX-License-Identifier: AGPL-3.0-or-later
+ -->
+<template>
+	<fieldset class="ldap-wizard__users">
+		{{ t('user_name', 'Listing and searching for users is constrained by these criteria:') }}
+
+		<div class="ldap-wizard__users__line ldap-wizard__users__user-filter-object-class">
+			<NcSelect v-model="ldapConfig.ldapUserFilterObjectclass"
+				:disabled="ldapConfig.ldapUserFilterMode === '1'"
+				class="ldap-wizard__users__user-filter-object-class__select"
+				:disable="editUserFilter"
+				:options="['TODO']"
+				:input-label="t('user_name', 'Only these object classes:')"
+				:multiple="true" />
+			{{ t('user_name', 'The most common object classes for users are organizationalPerson, person, user, and inetOrgPerson. If you are not sure which object class to select, please consult your directory admin.') }}
+		</div>
+
+		<div class="ldap-wizard__users__line ldap-wizard__users__user-filter-groups">
+			<div>
+				{{ t('user_name', 'Only from these groups:') }}
+			</div>
+
+			<!-- <input type="text" class="ldapManyGroupsSupport ldapManyGroupsSearch hidden" > -->
+			<!-- <NcTextField :disable="editUserFilter"
+				:value.sync="ldapConfig.ldapUserFilterGroups"
+				:placeholder="t('user_name', 'Search groups')"
+				autocomplete="off" /> -->
+
+			<NcSelect v-model="ldapConfig.ldapUserFilterGroups"
+				class="ldap-wizard__users__user-filter-groups__select"
+				:disabled="ldapConfig.ldapUserFilterMode === '1'"
+				:options="['TODO']"
+				:disable="allowUserFilterGroupsSelection"
+				:input-label="t('user_name', 'Only these object classes:')"
+				:multiple="true" />
+		</div>
+
+		<!-- TODO -->
+		<div class="ldap-wizard__users__line">
+			<p class="ldapManyGroupsSupport hidden">
+				<select class="ldapGroupList ldapGroupListAvailable"
+					:disabled="ldapConfig.ldapUserFilterMode === '1'"
+					:multiple="true"
+					aria-describedby="ldapGroupListAvailable_instructions"
+					:title="t('user_name', 'Available groups')" />
+			</p>
+			<p id="ldapGroupListAvailable_instructions" class="hidden-visually">
+				{{ t('user_name', 'Available groups') }}
+			</p>
+
+			<span>
+				<NcButton class="ldapGroupListSelect">&gt;</NcButton>
+				<NcButton class="ldapGroupListDeselect">&lt;</NcButton>
+			</span>
+
+			<select class="ldapGroupList ldapGroupListSelected"
+				:disabled="ldapConfig.ldapUserFilterMode === '1'"
+				:multiple="true"
+				aria-describedby="ldapGroupListSelected_instructions"
+				:title="t('user_name', 'Selected groups')" />
+
+			<p id="ldapGroupListSelected_instructions" class="hidden-visually">
+				{{ t('user_name', 'Selected groups') }}
+			</p>
+		</div>
+
+		<div class="ldap-wizard__users__line ldap-wizard__users__user-filter">
+			<NcCheckboxRadioSwitch :checked="ldapConfig.ldapUserFilterMode === '1'"
+				@update:checked="toggleFilterMode">
+				{{ t('user_name', 'Edit LDAP Query') }}
+			</NcCheckboxRadioSwitch>
+
+			<div v-if="ldapConfig.ldapUserFilterMode === '0'">
+				<label>{{ t('user_name', 'LDAP Filter:') }}</label>
+				<code>{{ ldapConfig.ldapUserFilter }}</code>
+			</div>
+			<div v-else>
+				<NcTextArea :value.sync="ldapConfig.ldapUserFilter"
+					:placeholder="t('user_name', 'Edit LDAP Query')"
+					:helper-text="t('user_name', 'The filter specifies which LDAP users shall have access to the {instanceName} instance.', { instanceName })" />
+			</div>
+		</div>
+
+		<div class="ldap-wizard__users__line ldap-wizard__users__user-count-check">
+			<NcButton @click="countUsers">
+				{{ t('user_name', 'Verify settings and count users') }}
+			</NcButton>
+
+			<span v-if="usersCount !== undefined">{{ t('user_ldap', "User count: {userCount}", { usersCount }) }}</span>
+		</div>
+	</fieldset>
+</template>
+
+<script lang="ts" setup>
+import { ref } from 'vue'
+import { storeToRefs } from 'pinia'
+
+import { t } from '@nextcloud/l10n'
+import { NcButton, NcTextArea, NcCheckboxRadioSwitch, NcSelect } from '@nextcloud/vue'
+import { getCapabilities } from '@nextcloud/capabilities'
+
+import { useLDAPConfigsStore } from '../../store/configs'
+import { useWizardStore } from '../../store/wizard'
+import { showEnableAutomaticFilterInfo } from '../../services/ldapConfigService'
+
+const wizardStore = useWizardStore()
+const ldapConfigsStore = useLDAPConfigsStore()
+const { selectedConfig: ldapConfig } = storeToRefs(ldapConfigsStore)
+
+const usersCount = ref<number|undefined>(undefined)
+
+const allowUserFilterGroupsSelection = ref(true) // TODO
+const instanceName = (getCapabilities() as { theming: { name:string } }).theming.name
+
+/**
+ *
+ */
+async function countUsers() {
+	const { changes: { ldap_test_base: ldapTestBase } } = await wizardStore.callWizardAction('countUsers')
+	usersCount.value = ldapTestBase
+}
+
+/**
+ *
+ * @param value
+ */
+async function toggleFilterMode(value: boolean) {
+	if (value) {
+		ldapConfig.value.ldapUserFilterMode = '1'
+	} else {
+		ldapConfig.value.ldapUserFilterMode = await showEnableAutomaticFilterInfo()
+	}
+}
+</script>
+<style lang="scss" scoped>
+.ldap-wizard__users {
+	display: flex;
+	flex-direction: column;
+	gap: 16px;
+
+	&__line {
+		display: flex;
+		align-items: start;
+	}
+
+	&__user-filter-object-class {
+		display: flex;
+		gap: 16px;
+
+		&__select {
+			min-width: 50%;
+			flex-grow: 1;
+		}
+	}
+
+	&__user-filter-groups {
+		display: flex;
+		gap: 16px;
+
+		&__select {
+			min-width: 50%;
+			flex-grow: 1;
+		}
+	}
+
+	&__user-filter {
+		display: flex;
+		flex-direction: column;
+
+		code {
+			background-color: var(--color-background-dark);
+			padding: 4px;
+			border-radius: 4px;
+		}
+	}
+
+	&__user-count-check {
+		display: flex;
+		align-items: center;
+		gap: 16px;
+	}
+}
+</style>
diff --git a/apps/user_ldap/src/components/WizardControls.vue b/apps/user_ldap/src/components/WizardControls.vue
new file mode 100644
index 0000000000000..ec655a37c8083
--- /dev/null
+++ b/apps/user_ldap/src/components/WizardControls.vue
@@ -0,0 +1,62 @@
+<!--
+ - SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+ - SPDX-License-Identifier: AGPL-3.0-or-later
+ -->
+<template>
+	<div class="ldap-wizard__controls">
+		<!-- TODO -->
+		<span class="ldap_config_state_indicator" /> <span class="ldap_config_state_indicator_sign" />
+
+		<NcButton type="tertiary"
+			href="https://docs.nextcloud.com/server/stable/go.php?to=admin-ldap"
+			target="_blank"
+			rel="noreferrer noopener">
+			<template #icon>
+				<Information :size="20" />
+			</template>
+			<span>{{ t('user_ldap', 'Help') }}</span>
+		</NcButton>
+
+		<NcButton type="primary" :disabled="loading" @click="testSelectedConfig">
+			{{ t('user_ldap', 'Test Configuration') }}
+		</NcButton>
+	</div>
+</template>
+
+<script lang="ts" setup>
+import { ref } from 'vue'
+import { storeToRefs } from 'pinia'
+
+import Information from 'vue-material-design-icons/ContentCopy.vue'
+
+import { t } from '@nextcloud/l10n'
+import { NcButton } from '@nextcloud/vue'
+
+import { testConfiguration } from '../services/ldapConfigService'
+import { useLDAPConfigsStore } from '../store/configs'
+
+const ldapConfigsStore = useLDAPConfigsStore()
+const { selectedConfigId } = storeToRefs(ldapConfigsStore)
+
+const loading = ref(false)
+
+/**
+ *
+ */
+function testSelectedConfig() {
+	try {
+		loading.value = true
+		testConfiguration(selectedConfigId.value)
+	} finally {
+		loading.value = false
+	}
+}
+</script>
+<style lang="scss" scoped>
+.ldap-wizard__controls {
+	display: flex;
+	gap: 16px;
+	align-items: center;
+	justify-content: end;
+}
+</style>
diff --git a/apps/user_ldap/src/main.ts b/apps/user_ldap/src/main.ts
new file mode 100644
index 0000000000000..b6f285cbf99bc
--- /dev/null
+++ b/apps/user_ldap/src/main.ts
@@ -0,0 +1,20 @@
+/**
+ * SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+import Vue from 'vue'
+import { PiniaVuePlugin } from 'pinia'
+import { getCSPNonce } from '@nextcloud/auth'
+
+import { pinia } from './store/index'
+import LDAPSettingsApp from './LDAPSettingsApp.vue'
+
+__webpack_nonce__ = getCSPNonce()
+
+// Init Pinia store
+Vue.use(PiniaVuePlugin)
+
+const LDAPSettingsAppVue = Vue.extend(LDAPSettingsApp)
+new LDAPSettingsAppVue({
+	pinia,
+}).$mount('#content-ldap-settings')
diff --git a/apps/user_ldap/src/models/index.ts b/apps/user_ldap/src/models/index.ts
new file mode 100644
index 0000000000000..632b43e44e842
--- /dev/null
+++ b/apps/user_ldap/src/models/index.ts
@@ -0,0 +1,71 @@
+/**
+ * SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+export type LDAPConfig = {
+	ldapHost: string // Example: ldaps://my.ldap.server</ldapHost>
+	ldapPort: string // Example: 7770
+	ldapBackupHost: string
+	ldapBackupPort: string
+	ldapBase: string // Example: ou=small,dc=my,dc=ldap,dc=server
+	ldapBaseUsers: string // Example: ou=users,ou=small,dc=my,dc=ldap,dc=server
+	ldapBaseGroups: string // Example: ou=small,dc=my,dc=ldap,dc=server
+	ldapAgentName: string // Example: cn=root,dc=my,dc=ldap,dc=server
+	ldapAgentPassword: string // Example: clearTextWithShowPassword=1
+	ldapTLS: '0'|'1' // Example: 1
+	turnOffCertCheck: '0'|'1' // Example: 0
+	ldapIgnoreNamingRules: string // Example: >
+	ldapUserDisplayName: string // Example: displayname
+	ldapUserDisplayName2: string // Example: uid
+	ldapUserFilterObjectclass: string // Example: inetOrgPerson
+	ldapUserFilterGroups: string
+	ldapUserFilter: string // Example: (&amp;(objectclass=nextcloudUser)(nextcloudEnabled=TRUE))
+	ldapUserFilterMode: '0'|'1' // Example: 1
+	ldapGroupFilter: string // Example: (&amp;(|(objectclass=nextcloudGroup)))
+	ldapGroupFilterMode: '0'|'1' // Example: 0
+	ldapGroupFilterObjectclass: string // Example: nextcloudGroup
+	ldapGroupFilterGroups: string
+	ldapGroupDisplayName: string // Example: cn
+	ldapGroupMemberAssocAttr: string // Example: memberUid
+	ldapLoginFilter: string // Example: (&amp;(|(objectclass=inetOrgPerson))(uid=%uid))
+	ldapLoginFilterMode: '0'|'1' // Example: 0
+	ldapLoginFilterEmail: '0'|'1' // Example: 0
+	ldapLoginFilterUsername: '0'|'1' // Example: 1
+	ldapLoginFilterAttributes: string
+	ldapQuotaAttribute: string
+	ldapQuotaDefault: string
+	ldapEmailAttribute: string // Example: mail
+	ldapCacheTTL: string // Example: 20
+	ldapUuidUserAttribute: string // Example: auto
+	ldapUuidGroupAttribute: string // Example: auto
+	ldapOverrideMainServer: string
+	ldapConfigurationActive: '0'|'1' // Example: 1
+	ldapAttributesForUserSearch: string // Example: uid;sn;givenname
+	ldapAttributesForGroupSearch: string
+	ldapExperiencedAdmin: '0'|'1' // Example: 0
+	homeFolderNamingRule: string
+	hasMemberOfFilterSupport: string
+	useMemberOfToDetectMembership: '0'|'1' // Example: 1
+	ldapExpertUsernameAttr: string // Example: uid
+	ldapExpertUUIDUserAttr: string // Example: uid
+	ldapExpertUUIDGroupAttr: string
+	lastJpegPhotoLookup: '0'|'1' // Example: 0
+	ldapNestedGroups: '0'|'1' // Example: 0
+	ldapPagingSize: string // Example: 500
+	turnOnPasswordChange: '0'|'1' // Example: 1
+	ldapDynamicGroupMemberURL: string
+	markRemnantsAsDisabled: '0'|'1' // Example: 1
+	ldapDefaultPPolicyDN: string
+	ldapExtStorageHomeAttribute: string
+	ldapAttributePhone: string
+	ldapAttributeWebsite: string
+	ldapAttributeAddress: string
+	ldapAttributeTwitter: string
+	ldapAttributeFediverse: string
+	ldapAttributeOrganisation: string
+	ldapAttributeRole: string
+	ldapAttributeHeadline: string
+	ldapAttributeBiography: string
+	ldapAttributeBirthDate: string
+}
diff --git a/apps/user_ldap/src/services/ldapConfigService.ts b/apps/user_ldap/src/services/ldapConfigService.ts
new file mode 100644
index 0000000000000..a7ac3eae9f533
--- /dev/null
+++ b/apps/user_ldap/src/services/ldapConfigService.ts
@@ -0,0 +1,181 @@
+/**
+ * SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+import path from 'path'
+
+import axios, { AxiosError, type AxiosResponse } from '@nextcloud/axios'
+import { getAppRootUrl, generateOcsUrl } from '@nextcloud/router'
+
+import type { LDAPConfig } from '../models'
+import { DialogSeverity, getDialogBuilder, showError, showSuccess } from '@nextcloud/dialogs'
+import type { OCSResponse } from '@nextcloud/typings/ocs'
+import { t } from '@nextcloud/l10n'
+
+const AJAX_ENDPOINT = path.join(getAppRootUrl('user_ldap'), '/ajax')
+
+export type WizardAction =
+	'guessPortAndTLS' |
+	'guessBaseDN' |
+	'detectEmailAttribute' |
+	'detectUserDisplayNameAttribute' |
+	'determineGroupMemberAssoc' |
+	'determineUserObjectClasses' |
+	'determineGroupObjectClasses' |
+	'determineGroupsForUsers' |
+	'determineGroupsForGroups' |
+	'determineAttributes' |
+	'getUserListFilter' |
+	'getUserLoginFilter' |
+	'getGroupFilter' |
+	'countUsers' |
+	'countGroups' |
+	'countInBaseDN' |
+	'testLoginName'
+
+/**
+ *
+ * @param config
+ */
+export async function createConfig() {
+	const response = await axios.post(generateOcsUrl('apps/user_ldap/api/v1/config'))
+	return response.data.ocs.data.configID as string
+}
+
+/**
+ *
+ * @param configId
+ * @param config
+ */
+export async function getConfig(configId: string): Promise<LDAPConfig> {
+	const response: AxiosResponse<OCSResponse<LDAPConfig>> = await axios.get(generateOcsUrl('apps/user_ldap/api/v1/config/{configId}', { configId }))
+	return response.data.ocs.data
+}
+
+/**
+ *
+ * @param configId
+ * @param config
+ */
+export async function updateConfig(configId: string, config: LDAPConfig): Promise<LDAPConfig> {
+	const response = await axios.put(
+		generateOcsUrl('apps/user_ldap/api/v1/config/{configId}', { configId }),
+		{ configData: config },
+	)
+
+	return response.data as LDAPConfig
+}
+
+/**
+ *
+ * @param configId
+ */
+export async function deleteConfig(configId: string): Promise<boolean> {
+	try {
+		await axios.delete(generateOcsUrl('apps/user_ldap/api/v1/config/{configId}', { configId }))
+	} catch (error) {
+		const errorResponse = (error as AxiosError<OCSResponse>).response
+		showError(errorResponse?.data.ocs.meta.message || t('user_ldap', 'Fail to delete config'))
+	}
+
+	return true
+}
+
+/**
+ * Starts a configuration test.
+ * @param configId
+ */
+export async function testConfiguration(configId: string) {
+	const params = new FormData()
+	params.set('ldap_serverconfig_chooser', configId)
+
+	const response = await axios.post(
+		path.join(AJAX_ENDPOINT, 'testConfiguration.php'),
+		params,
+	)
+
+	if (response.data.status === 'success') {
+		showSuccess(response.data.message)
+	} else {
+		showError(response.data.message)
+	}
+
+	return response.data
+}
+
+/**
+ *
+ * @param subject
+ */
+export async function clearMapping(subject: 'user' | 'group') {
+	const params = new FormData()
+	params.set('ldap_clear_mapping', subject)
+
+	const response = await axios.post(
+		path.join(AJAX_ENDPOINT, 'clearMappings.php'),
+		params,
+	)
+
+	if (response.data.status === 'success') {
+		showSuccess(t('user_ldap', 'Mapping cleared'))
+	} else {
+		showError(t('user_ldap', 'Failed to clear mapping'))
+	}
+}
+
+/**
+ * Calls the wizard endpoint.
+ * @param action
+ * @param configId
+ * @param extraParams
+ */
+export async function callWizard(action: WizardAction, configId: string, extraParams: Record<string, string> = {}) {
+	const params = new FormData()
+	params.set('action', action)
+	params.set('ldap_serverconfig_chooser', configId)
+
+	Object.entries(extraParams).forEach(([key, value]) => {
+		params.set(key, value)
+	})
+
+	const response = await axios.post(
+		path.join(AJAX_ENDPOINT, 'wizard.php'),
+		params,
+	)
+
+	if (response.data.status === 'error') {
+		showError(response.data.message)
+		throw new Error(response.data.message)
+	}
+
+	return response.data
+}
+
+/**
+ *
+ * @param value
+ */
+export async function showEnableAutomaticFilterInfo(): Promise<'0'|'1'> {
+	return new Promise((resolve) => {
+		const dialog = getDialogBuilder(t('user_ldap', 'Mode switch'))
+			.setText(t('user_ldap', 'Switching the mode will enable automatic LDAP queries. Depending on your LDAP size they may take a while. Do you still want to switch the mode?'))
+			.addButton({
+				label: t('user_ldap', 'No'),
+				callback() {
+					dialog.hide()
+					resolve('1')
+				},
+			})
+			.addButton({
+				label: t('user_ldap', 'Yes'),
+				callback() {
+					resolve('0')
+				},
+			})
+			.setSeverity(DialogSeverity.Info)
+			.build()
+
+		dialog.show()
+	})
+}
diff --git a/apps/user_ldap/src/store/configs.ts b/apps/user_ldap/src/store/configs.ts
new file mode 100644
index 0000000000000..49d0205f2a7b3
--- /dev/null
+++ b/apps/user_ldap/src/store/configs.ts
@@ -0,0 +1,62 @@
+/**
+ * SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+import { defineStore } from 'pinia'
+import Vue, { computed, ref } from 'vue'
+
+import { loadState } from '@nextcloud/initial-state'
+
+import { createConfig, deleteConfig, getConfig } from '../services/ldapConfigService'
+import type { LDAPConfig } from '../models'
+
+export const useLDAPConfigsStore = defineStore('ldap-configs', () => {
+	const ldapConfigs = ref(loadState('user_ldap', 'ldapConfigs') as Record<string, LDAPConfig>)
+	const selectedConfigId = ref<string>(Object.keys(ldapConfigs.value)[0])
+	const selectedConfig = computed<LDAPConfig>(() => ldapConfigs.value[selectedConfigId.value])
+
+	/**
+	 *
+	 */
+	async function create() {
+		const configId = await createConfig()
+		const config = await getConfig(configId)
+		ldapConfigs.value[configId] = config
+		selectedConfigId.value = configId
+		return configId
+	}
+
+	/**
+	 *
+	 * @param fromConfigId
+	 */
+	async function copyConfig(fromConfigId: string) {
+		const configId = await createConfig()
+		ldapConfigs.value[configId] = { ...ldapConfigs.value[fromConfigId] }
+		selectedConfigId.value = configId
+		return configId
+	}
+
+	/**
+	 *
+	 * @param configId
+	 */
+	async function removeConfig(configId: string) {
+		const result = await deleteConfig(configId)
+		if (result === true) {
+			Vue.delete(ldapConfigs.value, configId)
+		}
+
+		const firstConfigId = Object.keys(ldapConfigs.value)[0] ?? await create()
+		selectedConfigId.value = firstConfigId
+	}
+
+	return {
+		ldapConfigs,
+		selectedConfigId,
+		selectedConfig,
+		create,
+		copyConfig,
+		removeConfig,
+	}
+})
diff --git a/apps/user_ldap/src/store/index.ts b/apps/user_ldap/src/store/index.ts
new file mode 100644
index 0000000000000..00676b3bc8eda
--- /dev/null
+++ b/apps/user_ldap/src/store/index.ts
@@ -0,0 +1,8 @@
+/**
+ * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+import { createPinia } from 'pinia'
+
+export const pinia = createPinia()
diff --git a/apps/user_ldap/src/store/wizard.ts b/apps/user_ldap/src/store/wizard.ts
new file mode 100644
index 0000000000000..f277ae7c0ae25
--- /dev/null
+++ b/apps/user_ldap/src/store/wizard.ts
@@ -0,0 +1,34 @@
+/**
+ * SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+import { defineStore } from 'pinia'
+import { ref } from 'vue'
+
+import { callWizard, type WizardAction } from '../services/ldapConfigService'
+import { useLDAPConfigsStore } from './configs'
+
+export const useWizardStore = defineStore('ldap-wizard', () => {
+	const currentWizardActions = ref<string[]>([])
+
+	const { selectedConfigId } = useLDAPConfigsStore()
+
+	/**
+	 *
+	 * @param action
+	 * @param params
+	 */
+	async function callWizardAction(action: WizardAction, params?: Record<string, string>) {
+		try {
+			currentWizardActions.value.push(action)
+			return await callWizard(action, selectedConfigId, params)
+		} finally {
+			currentWizardActions.value.splice(currentWizardActions.value.indexOf(action), 1)
+		}
+	}
+
+	return {
+		currentWizardActions,
+		callWizardAction,
+	}
+})
diff --git a/apps/user_ldap/src/views/Settings.vue b/apps/user_ldap/src/views/Settings.vue
new file mode 100644
index 0000000000000..915b53c52e708
--- /dev/null
+++ b/apps/user_ldap/src/views/Settings.vue
@@ -0,0 +1,194 @@
+<!--
+ - SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+ - SPDX-License-Identifier: AGPL-3.0-or-later
+ -->
+<template>
+	<form class="ldap-wizard">
+		<h2>{{ t('user_ldap', 'LDAP/AD integration') }}</h2>
+
+		<div class="ldap-wizard__config-selection">
+			<NcSelect v-model="selectedConfigId"
+				:options="Object.keys(ldapConfigs)"
+				:input-label="t('user_ldap', 'Select LDAP Config')">
+				<template #option="{label: configId}">
+					{{ `${configId}: ${ldapConfigs[configId].ldapHost}` }}
+				</template>
+				<template #selected-option="{label: configId}">
+					{{ `${configId}: ${ldapConfigs[configId].ldapHost}` }}
+				</template>
+			</NcSelect>
+			<NcButton :label="t('user_ldap','Create New Config')" class="ldap-wizard__config-selection__create-button" @click="ldapConfigsStore.create">
+				<template #icon>
+					<Plus :size="20" />
+				</template>
+			</NcButton>
+		</div>
+
+		<NcNoteCard v-if="!ldapModuleInstalled" type="warning" :text="t('user_ldap', 'The PHP LDAP module is not installed, the backend will not work. Please ask your system administrator to install it.')" />
+
+		<div v-if="ldapModuleInstalled && selectedConfig !== undefined" class="ldap-wizard__tab-container">
+			<div class="ldap-wizard__tab-selection-container">
+				<div class="ldap-wizard__tab-selection">
+					<NcCheckboxRadioSwitch v-for="(tabLabel, tabId) in leftTabs"
+						:key="tabId"
+						:button-variant="true"
+						:checked.sync="selectedTab"
+						:value="tabId"
+						type="radio"
+						button-variant-grouped="horizontal">
+						{{ tabLabel }}
+					</NcCheckboxRadioSwitch>
+				</div>
+				<div class="ldap-wizard__tab-selection">
+					<NcCheckboxRadioSwitch v-for="(tabLabel, tabId) in rightTabs"
+						:key="tabId"
+						:button-variant="true"
+						:checked.sync="selectedTab"
+						:value="tabId"
+						type="radio"
+						button-variant-grouped="horizontal">
+						{{ tabLabel }}
+					</NcCheckboxRadioSwitch>
+				</div>
+			</div>
+
+			<ServerTab v-if="selectedTab === 'server'" />
+			<UsersTab v-else-if="selectedTab === 'users'" />
+			<LoginTab v-else-if="selectedTab === 'login'" />
+			<GroupsTab v-else-if="selectedTab === 'groups'" />
+			<ExpertTab v-else-if="selectedTab === 'expert'" />
+			<AdvancedTab v-else-if="selectedTab === 'advanced'" />
+
+			<WizardControls class="ldap-wizard__controls" />
+		</div>
+
+		<div class="ldap-wizard__clear-mapping">
+			<strong>{{ t('user_ldap', 'Username-LDAP User Mapping') }}</strong>
+			{{ t('user_ldap', 'Usernames are used to store and assign metadata. In order to precisely identify and recognize users, each LDAP user will have an internal username. This requires a mapping from username to LDAP user. The created username is mapped to the UUID of the LDAP user. Additionally the DN is cached as well to reduce LDAP interaction, but it is not used for identification. If the DN changes, the changes will be found. The internal username is used all over. Clearing the mappings will have leftovers everywhere. Clearing the mappings is not configuration sensitive, it affects all LDAP configurations! Never clear the mappings in a production environment, only in a testing or experimental stage.') }}
+
+			<div class="ldap-wizard__clear-mapping__buttons">
+				<NcButton type="error" :disabled="clearMappingLoading" @click="requestClearMapping('user')">
+					{{ t('user_ldap', 'Clear Username-LDAP User Mapping') }}
+				</NcButton>
+				<NcButton type="error" :disabled="clearMappingLoading" @click="requestClearMapping('group')">
+					{{ t('user_ldap', 'Clear Groupname-LDAP Group Mapping') }}
+				</NcButton>
+			</div>
+		</div>
+	</form>
+</template>
+
+<script lang="ts" setup>
+import { ref } from 'vue'
+
+import Plus from 'vue-material-design-icons/Plus.vue'
+
+import { t } from '@nextcloud/l10n'
+import { loadState } from '@nextcloud/initial-state'
+import { NcCheckboxRadioSwitch, NcSelect, NcButton, NcNoteCard } from '@nextcloud/vue'
+
+import ServerTab from '../components/SettingsTabs/ServerTab.vue'
+import UsersTab from '../components/SettingsTabs/UsersTab.vue'
+import LoginTab from '../components/SettingsTabs/LoginTab.vue'
+import GroupsTab from '../components/SettingsTabs/GroupsTab.vue'
+import ExpertTab from '../components/SettingsTabs/ExpertTab.vue'
+import AdvancedTab from '../components/SettingsTabs/AdvancedTab.vue'
+import WizardControls from '../components/WizardControls.vue'
+import { useLDAPConfigsStore } from '../store/configs'
+import { clearMapping, updateConfig } from '../services/ldapConfigService'
+import { storeToRefs } from 'pinia'
+
+const ldapModuleInstalled = loadState('user_ldap', 'ldapModuleInstalled')
+
+const leftTabs = {
+	server: t('user_ldap', 'Server'),
+	users: t('user_ldap', 'Users'),
+	login: t('user_ldap', 'Login Attributes'),
+	groups: t('user_ldap', 'Groups'),
+}
+
+const rightTabs = {
+	advanced: t('user_ldap', 'Advanced'),
+	expert: t('user_ldap', 'Expert'),
+}
+
+const ldapConfigsStore = useLDAPConfigsStore()
+const { ldapConfigs, selectedConfigId, selectedConfig } = storeToRefs(ldapConfigsStore)
+
+const selectedTab = ref('server')
+const clearMappingLoading = ref(false)
+
+ldapConfigsStore.$subscribe(async () => {
+	if (selectedConfigId === undefined) {
+		throw new Error('selectedConfigId should not be undefined')
+	}
+
+	await updateConfig(selectedConfigId.value, selectedConfig.value)
+})
+
+/**
+ *
+ * @param subject
+ */
+async function requestClearMapping(subject: 'user'|'group') {
+	try {
+		clearMappingLoading.value = true
+		await clearMapping(subject)
+	} finally {
+		clearMappingLoading.value = false
+	}
+}
+</script>
+<style lang="scss" scoped>
+.ldap-wizard {
+	padding: 16px;
+	max-width: 1000px;
+
+	&__config-selection {
+		display: flex;
+		align-items: end;
+		margin-bottom: 8px;
+		gap: 16px;
+
+		&__create-button {
+			margin-bottom: 4px;
+		}
+	}
+
+	&__tab-selection-container {
+		display: flex;
+		justify-content: space-between;
+	}
+
+	&__tab-selection {
+		display: flex;
+		margin-left: -16px;
+		margin-bottom: 16px;
+
+		&:last-of-type {
+			margin-right: -16px;
+		}
+	}
+
+	&__tab-container {
+		border: 1px solid var(--color-text-light);
+		border-radius: var(--border-radius);
+		padding: 0 16px 16px 16px;
+	}
+
+	&__controls {
+		margin-top: 16px;
+	}
+
+	&__clear-mapping {
+		padding: 16px;
+
+		&__buttons {
+			display: flex;
+			margin-top: 8px;
+			gap: 16px;
+			justify-content: end;
+		}
+	}
+}
+</style>
diff --git a/apps/user_ldap/templates/settings.php b/apps/user_ldap/templates/settings.php
index 9117a9f533caa..aad2053fbc26b 100644
--- a/apps/user_ldap/templates/settings.php
+++ b/apps/user_ldap/templates/settings.php
@@ -49,7 +49,8 @@
 	'wizard/wizardDetectorClearGroupMappings',
 	'wizard/wizardFilterOnType',
 	'wizard/wizardFilterOnTypeFactory',
-	'wizard/wizard'
+	'wizard/wizard',
+	'main'
 ]);
 
 style('user_ldap', 'settings');
@@ -161,3 +162,5 @@
 	<!-- Spinner Template -->
 	<img class="ldapSpinner hidden" src="<?php p(image_path('core', 'loading.gif')); ?>">
 </form>
+
+<div id="content-ldap-settings"></div>
diff --git a/package.json b/package.json
index 07714e596cbfa..3f7c0d06318a7 100644
--- a/package.json
+++ b/package.json
@@ -13,6 +13,7 @@
     "postbuild": "build/npm-post-build.sh",
     "dev": "webpack --node-env development --progress",
     "watch": "webpack --node-env development --progress --watch",
+    "serve": "webpack serve --node-env development --progress",
     "lint": "eslint $(for appdir in $(ls apps); do if ! $(git check-ignore -q $appdir); then printf \"apps/$appdir \"; fi; done) core --no-error-on-unmatched-pattern",
     "lint:fix": "eslint $(for appdir in $(ls apps); do if ! $(git check-ignore -q $appdir); then printf \"apps/$appdir \"; fi; done) core --no-error-on-unmatched-pattern --fix",
     "stylelint": "stylelint '{apps,core}/**/*.{scss,vue}'",
@@ -205,4 +206,4 @@
   "overrides": {
     "colors": "1.4.0"
   }
-}
+}
\ No newline at end of file
diff --git a/webpack.modules.js b/webpack.modules.js
index f788e6f6e84b9..79caaac13e3ab 100644
--- a/webpack.modules.js
+++ b/webpack.modules.js
@@ -109,6 +109,9 @@ module.exports = {
 		updatenotification: path.join(__dirname, 'apps/updatenotification/src', 'updatenotification.js'),
 		'update-notification-legacy': path.join(__dirname, 'apps/updatenotification/src', 'update-notification-legacy.ts'),
 	},
+	user_ldap: {
+		main: path.join(__dirname, 'apps/user_ldap/src', 'main.js'),
+	},
 	user_status: {
 		menu: path.join(__dirname, 'apps/user_status/src', 'menu.js'),
 	},