diff --git a/README.md b/README.md
index 6e3c9dcc..ee66f87b 100644
--- a/README.md
+++ b/README.md
@@ -104,6 +104,12 @@ By default the connector search using this query LDAP `(sAMAccountName={0})`, yo
 
 If you get "Invalid Ticket" when configuring the connector for the first time, the most likely cause is a network issue (e.g. connector behind a proxy). Try connecting to `https://{your tenant}.auth0.com/testall` with a browser other than IE.
 
+Under FreeIPA, it is necessary to prefer the use of the `LDAP_BIND_USER` and `LDAP_BIND_PASSWORD` over anonymous search even when anonymous search is enabled on the FreeIPA server, otherwise, email authentication will not work. You can set the connector to prefer using the bind credentials in the config.json file:
+
+```
+    "LDAP_PREFER_BIND_CREDENTIALS": true,
+```
+
 ## Issue Reporting
 
 If you have found a bug or if you have a feature request, please report them 
diff --git a/lib/ldap.js b/lib/ldap.js
index cacfd01b..6e1ed3f5 100644
--- a/lib/ldap.js
+++ b/lib/ldap.js
@@ -36,8 +36,8 @@ function initializeConnection () {
   connection.heartbeat = function (callback) {
     // alway re-bind the connection in an heartbeat before searching, underlying connection might be bound to a different users from previous
     // login validations, and the search query might fail randomly otherwise.
-    const user = nconf.get('ANONYMOUS_SEARCH_ENABLED') ? '' : nconf.get("LDAP_BIND_USER");
-    const creds = nconf.get('ANONYMOUS_SEARCH_ENABLED') ? '' : ldapBindCredentials;
+    const user = (nconf.get('ANONYMOUS_SEARCH_ENABLED') && !nconf.get('LDAP_PREFER_BIND_CREDENTIALS')) ? '' : nconf.get("LDAP_BIND_USER");
+    const creds = (nconf.get('ANONYMOUS_SEARCH_ENABLED') && !nconf.get('LDAP_PREFER_BIND_CREDENTIALS')) ? '' : ldapBindCredentials;
     
     connection.bind(user, creds, function(err) {
       if(err){
@@ -92,7 +92,7 @@ function initializeConnection () {
     });
   }
 
-  if (!nconf.get('ANONYMOUS_SEARCH_ENABLED')) {
+  if (nconf.get('LDAP_PREFER_BIND_CREDENTIALS') || !nconf.get('ANONYMOUS_SEARCH_ENABLED')) {
     if(!ldapBindCredentials) {
       ldapBindCredentials = nconf.get('LDAP_BIND_PASSWORD') || crypto.decrypt(nconf.get('LDAP_BIND_CREDENTIALS'));
     }
diff --git a/server.js b/server.js
index c9c14c27..06051b82 100644
--- a/server.js
+++ b/server.js
@@ -39,7 +39,11 @@ connectorSetup.run(__dirname, function(err) {
   }
 
   if (!nconf.get('LDAP_BIND_USER') || !nconf.get('LDAP_BIND_CREDENTIALS')) {
-    if (!nconf.get('ANONYMOUS_SEARCH_ENABLED')){
+    if(nconf.get("LDAP_PREFER_BIND_CREDENTIALS")){
+      console.error('LDAP_PREFER_BIND_CREDENTIALS is set. Please edit config.json to add LDAP_BIND_USER and LDAP_BIND_PASSWORD');
+      return exit(1);
+    }
+    else if (!nconf.get('ANONYMOUS_SEARCH_ENABLED')){
       console.error('Anonymous LDAP search is not enabled. Please edit config.json to add LDAP_BIND_USER');
       return exit(1);
     }