diff --git a/.gitignore b/.gitignore
index 07859bbcf..04dcc7ec8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,5 +8,6 @@ configuration/*
 !configuration/extra.py
 configuration/ldap/*
 !configuration/ldap/ldap_config.py
+!configuration/ldap/extra.py
 prometheus.yml
 super-linter.log
diff --git a/configuration/ldap/extra.py b/configuration/ldap/extra.py
new file mode 100644
index 000000000..60a80eb2f
--- /dev/null
+++ b/configuration/ldap/extra.py
@@ -0,0 +1,28 @@
+####
+## This file contains extra configuration options that can't be configured
+## directly through environment variables.
+## All vairables set here overwrite any existing found in ldap_config.py
+####
+
+# # This Python script inherits all the imports from ldap_config.py
+# from django_auth_ldap.config import LDAPGroupQuery # Imported since not in ldap_config.py
+
+# # Sets a base requirement of membetship to netbox-user-ro, netbox-user-rw, or netbox-user-admin.
+# AUTH_LDAP_REQUIRE_GROUP = (
+#     LDAPGroupQuery("cn=netbox-user-ro,ou=groups,dc=example,dc=com")
+#     | LDAPGroupQuery("cn=netbox-user-rw,ou=groups,dc=example,dc=com")
+#     | LDAPGroupQuery("cn=netbox-user-admin,ou=groups,dc=example,dc=com")
+# )
+
+# # Sets LDAP Flag groups variables with example.
+# AUTH_LDAP_USER_FLAGS_BY_GROUP = {
+#     "is_staff": (
+#         LDAPGroupQuery("cn=netbox-user-ro,ou=groups,dc=example,dc=com")
+#         | LDAPGroupQuery("cn=netbox-user-rw,ou=groups,dc=example,dc=com")
+#         | LDAPGroupQuery("cn=netbox-user-admin,ou=groups,dc=example,dc=com")
+#     ),
+#     "is_superuser": "cn=netbox-user-admin,ou=groups,dc=example,dc=com",
+# }
+
+# # Sets LDAP Mirror groups variables with example groups
+# AUTH_LDAP_MIRROR_groups = ["netbox-user-ro", "netbox-user-rw", "netbox-user-admin"]