diff --git a/appinfo/info.xml b/appinfo/info.xml
index 351006aa5eaa1d50ff706409521645bd7f0536f7..91b23d6582177f6dd858b33dcd03cd71d592f18c 100644
--- a/appinfo/info.xml
+++ b/appinfo/info.xml
@@ -27,5 +27,6 @@ OCA\EcloudAccounts\Command\Migrate2FASecrets OCA\EcloudAccounts\Command\MigrateWebmailAddressbooks
+ OCA\EcloudAccounts\Command\MapActiveAttributetoLDAP
diff --git a/lib/Command/MapActiveAttributetoLDAP.php b/lib/Command/MapActiveAttributetoLDAP.php
new file mode 100644
index 0000000000000000000000000000000000000000..6d918d928e27626d981efd1dd418983a6c8283b7
--- /dev/null
+++ b/lib/Command/MapActiveAttributetoLDAP.php
@@ -0,0 +1,63 @@
+userManager = $userManager;
+ $this->userService = $userService;
+ $this->logger = $logger;
+ parent::__construct();
+ }
+
+ protected function configure(): void {
+ $this
+ ->setName(Application::APP_ID.':map-active-attribute-to-ldap')
+ ->setDescription('Map Active attribute to LDAP');
+ }
+
+ protected function execute(InputInterface $input, OutputInterface $output): int {
+ $this->commandOutput = $output;
+ $this->userManager->callForSeenUsers(function (IUser $user) {
+ if ($this->isUserValid($user)) {
+ $username = $user->getUID();
+ $isEnabled = $user->isEnabled() ? true : false;
+ try {
+ $this->userService->mapActiveAttributesInLDAP($username, $isEnabled);
+ } catch (Exception $e) {
+ $this->logger->logException('Failed to update LDAP attributes for user: ' . $username, ['exception' => $e]);
+ }
+ }
+ });
+ $this->commandOutput->writeln('Active attributes mapped successfully.');
+ return 0;
+ }
+ /**
+ * validate user
+ *
+ * @param IUser $user
+ */
+ private function isUserValid(?IUser $user) : bool {
+ if (!($user instanceof IUser)) {
+ return false;
+ }
+ return true;
+ }
+}
diff --git a/lib/Listeners/UserChangedListener.php b/lib/Listeners/UserChangedListener.php
index 48d2ddb95072e215490165a361dfaf01e1a2da2a..7204f3e03afaf93359596b766e4a5ed6a47d9002 100644
--- a/lib/Listeners/UserChangedListener.php
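Review bot: In `execute()` of the new `lib/Command/MapActiveAttributetoLDAP.php`, the catch block calls `$this->logger->logException('Failed to update LDAP attributes for user: ' . $username, ['exception' => $e])`, but `ILogger::logException()` takes the throwable as its first argument, so the first LDAP failure would raise inside the handler and stop the run instead of being logged. The same call appears in the new `enabled` branch of `UserChangedListener::handle()`, where the logger is visibly `OCP\ILogger`; the command's imports are not shown in this hunk, so its logger type is assumed to match. Use `$this->logger->logException($e, ['message' => 'Failed to update LDAP attributes for user: ' . $username]);` in both places. The command also prints `Active attributes mapped successfully.` and returns 0 even when some users failed, which hides accounts whose disabled state never reached LDAP; counting the failures and returning a non-zero status when the count is above zero would make that visible to whoever runs the migration.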
+++ b/lib/Listeners/UserChangedListener.php
@@ -7,6 +7,7 @@ namespace OCA\EcloudAccounts\Listeners;
 use Exception;
 use OCA\EcloudAccounts\Db\MailboxMapper;
 use OCA\EcloudAccounts\Service\LDAPConnectionService;
+use OCA\EcloudAccounts\Service\UserService;
 use OCP\EventDispatcher\Event;
 use OCP\EventDispatcher\IEventListener;
 use OCP\ILogger;
@@ -18,6 +19,8 @@ class UserChangedListener implements IEventListener {
 private const RECOVERY_EMAIL_FEATURE = 'recovery-email';
+ private const ENABLED_FEATURE = 'enabled';
+
 private $util;
 private $logger;
@@ -26,11 +29,14 @@ class UserChangedListener implements IEventListener {
 private $mailboxMapper;
- public function __construct(Util $util, LDAPConnectionService $LDAPConnectionService, ILogger $logger, MailboxMapper $mailboxMapper) {
+ private $userService;
+
+ public function __construct(Util $util, LDAPConnectionService $LDAPConnectionService, ILogger $logger, MailboxMapper $mailboxMapper, UserService $userService) {
 $this->util = $util;
 $this->ldapConnectionService = $LDAPConnectionService;
 $this->mailboxMapper = $mailboxMapper;
 $this->logger = $logger;
+ $this->userService = $userService;
 }
 public function handle(Event $event): void {
@@ -41,6 +47,7 @@ class UserChangedListener implements IEventListener {
 $feature = $event->getFeature();
 $user = $event->getUser();
 $username = $user->getUID();
+ $newValue = $event->getValue();
 if ($feature === self::QUOTA_FEATURE) {
 $updatedQuota = $event->getValue();
@@ -56,7 +63,15 @@ class UserChangedListener implements IEventListener {
 'recoveryMailAddress' => $recoveryEmail
 ];
- $this->updateAttributesInLDAP($username, $recoveryEmailAttribute);
+ $this->userService->updateAttributesInLDAP($username, $recoveryEmailAttribute);
+ }
+
+ if ($feature === self::ENABLED_FEATURE) {
+ try {
+ $this->userService->mapActiveAttributesInLDAP($username, $newValue);
+ } catch (Exception $e) {
+ $this->logger->logException('Failed to update LDAP attributes for user: ' . $username, ['exception' => $e]);
+ }
 }
 }
@@ -69,22 +84,10 @@ class UserChangedListener implements IEventListener {
 $quotaAttribute = [
 'quota' => $quotaInBytes
 ];
- $this->updateAttributesInLDAP($username, $quotaAttribute);
+ $this->userService->updateAttributesInLDAP($username, $quotaAttribute);
 }
 } catch (Exception $e) {
 $this->logger->error("Error setting quota for user $username " . $e->getMessage());
 }
 }
-
- private function updateAttributesInLDAP(string $username, array $attributes) {
- if ($this->ldapConnectionService->isLDAPEnabled()) {
- $conn = $this->ldapConnectionService->getLDAPConnection();
- $userDn = $this->ldapConnectionService->username2dn($username);
-
- if (!ldap_modify($conn, $userDn, $attributes)) {
- throw new Exception('Could not modify user entry at LDAP server!');
- }
- $this->ldapConnectionService->closeLDAPConnection($conn);
- }
- }
 }
diff --git a/lib/Service/UserService.php b/lib/Service/UserService.php
index a347655cbcd544550d79509363910535410bcc80..0627035cf5ab5238b162727fd11372da25bc6c7c 100644
--- a/lib/Service/UserService.php
+++ b/lib/Service/UserService.php
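Review bot: In the new `enabled` branch of `UserChangedListener::handle()` (hunk `+63,15`), a failed LDAP write is only logged, so a user disabled in Nextcloud can keep `active` and `mailActive` set to TRUE in the directory, and whatever reads those attributes would go on treating the account as active. If swallowing the error is intended, say so above the `try`, for example `// On failure LDAP keeps the previous active/mailActive values; re-run map-active-attribute-to-ldap to reconcile.` Separately, `$newValue` comes straight from `$event->getValue()` while `mapActiveAttributesInLDAP()` declares `bool $isEnabled`; the return type of `getValue()` is not visible here, so an explicit `is_bool($newValue)` check before the call would document the expectation. `handle()` starts and ends outside this hunk.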
@@ -520,6 +520,38 @@ class UserService {
 throw new AddUsernameToCommonStoreException("Error adding username '$username' to common data store.");
 }
 }
+
+ public function mapActiveAttributesInLDAP(string $username, bool $isEnabled): void {
+ $userActiveAttributes = $this->getActiveAttributes($isEnabled);
+ $this->updateAttributesInLDAP($username, $userActiveAttributes);
+ }
+
+ private function getActiveAttributes(bool $isEnabled): array {
+ return [
+ 'active' => $isEnabled ? 'TRUE' : 'FALSE',
+ 'mailActive' => $isEnabled ? 'TRUE' : 'FALSE',
+ ];
+ }
+
+ public function updateAttributesInLDAP(string $username, array $attributes): void {
+ if (!$this->LDAPConnectionService->isLDAPEnabled()) {
+ return;
+ }
+
+ $conn = $this->LDAPConnectionService->getLDAPConnection();
+ $userDn = $this->LDAPConnectionService->username2dn($username);
+
+ if ($userDn === false) {
+ throw new Exception('Could not find DN for username: ' . $username);
+ }
+
+ if (!ldap_modify($conn, $userDn, $attributes)) {
+ throw new Exception('Could not modify user ' . $username . ' entry at LDAP server. Attributes: ' . print_r($attributes, true));
+ }
+
+ $this->LDAPConnectionService->closeLDAPConnection($conn);
+ }
+
 private function getDefaultQuota() {
 return $this->config->getSystemValueInt('default_quota_in_megabytes', 1024);
 }
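Review bot: `updateAttributesInLDAP()` in `lib/Service/UserService.php` leaves the LDAP connection open on both failure paths, because the exceptions for a missing DN and a failed `ldap_modify()` are thrown before `closeLDAPConnection($conn)` is reached; during the bulk `map-active-attribute-to-ldap` run each failing user would leave one connection behind. The failure message also embeds `print_r($attributes, true)`, and since this method is now the shared writer for the listener's `recoveryMailAddress` update, that address can end up in exception messages and logs; the attribute names are enough for diagnosis. The sketch below moves the lookup and the modify into try/finally and reports only the keys.

```php
	$conn = $this->LDAPConnectionService->getLDAPConnection();
	try {
		// … unchanged: username2dn() lookup and the $userDn === false check …
		if (!ldap_modify($conn, $userDn, $attributes)) {
			// Names only: the values can carry personal data (e.g. recoveryMailAddress).
			throw new Exception('Could not modify user ' . $username . ' entry at LDAP server. Attributes: ' . implode(', ', array_keys($attributes)));
		}
	} finally {
		// Release the connection on the failure paths as well.
		$this->LDAPConnectionService->closeLDAPConnection($conn);
	}
```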