diff --git a/plugins/kolab_auth/config.inc.php.dist b/plugins/kolab_auth/config.inc.php.dist
index 3f77ea22..e7b9d159 100644
--- a/plugins/kolab_auth/config.inc.php.dist
+++ b/plugins/kolab_auth/config.inc.php.dist
@@ -72,5 +72,9 @@ $rcmail_config['kolab_auth_role_settings'] = Array(
             ),
     );
 
+// List of LDAP addressbooks (keys of ldap_public configuration array)
+// for which base_dn variables (%dc, etc.) will be replaced according to authenticated user DN
+// Note: special name '*' for all LDAP addressbooks
+$rcmail_config['kolab_auth_ldap_addressbooks'] = array('*');
 
 ?>
diff --git a/plugins/kolab_auth/kolab_auth.php b/plugins/kolab_auth/kolab_auth.php
index fb3b0515..d027dea5 100644
--- a/plugins/kolab_auth/kolab_auth.php
+++ b/plugins/kolab_auth/kolab_auth.php
@@ -51,6 +51,9 @@ class kolab_auth extends rcube_plugin
         $this->add_hook('smtp_connect', array($this, 'smtp_connect'));
         $this->add_hook('identity_form', array($this, 'identity_form'));
 
+        // Hook to modify some configuration, e.g. ldap
+        $this->add_hook('config_get', array($this, 'config_get'));
+
         $this->add_hook('write_log', array($this, 'write_log'));
 
         // TODO: This section does not actually seem to work
@@ -75,6 +78,35 @@ class kolab_auth extends rcube_plugin
         return $args;
     }
 
+    /**
+     * Modify some configuration according to LDAP user record
+     */
+    public function config_get($args)
+    {
+        // Replaces ldap_vars (%dc, etc) in public kolab ldap addressbooks
+        // config based on the users base_dn. (for multi domain support)
+        if ($args['name'] == 'ldap_public' && !empty($args['result'])) {
+            $this->load_config();
+
+            $rcmail      = rcube::get_instance();
+            $kolab_books = (array) $rcmail->config->get('kolab_auth_ldap_addressbooks');
+
+            foreach ($args['result'] as $name => $config) {
+                if (in_array($name, $kolab_books) || in_array('*', $kolab_books)) {
+                    $args['result'][$name]['base_dn']        = self::parse_ldap_vars($config['base_dn']);
+                    $args['result'][$name]['search_base_dn'] = self::parse_ldap_vars($config['search_base_dn']);
+                    $args['result'][$name]['bind_dn']        = str_replace('%dn', $_SESSION['kolab_dn'], $config['bind_dn']);
+
+                    if (!empty($config['groups'])) {
+                        $args['result'][$name]['groups']['base_dn'] = self::parse_ldap_vars($config['groups']['base_dn']);
+                    }
+                }
+            }
+        }
+
+        return $args;
+    }
+
     /**
      * Modifies list of plugins and settings according to
      * specified LDAP roles