diff --git a/app/Core/User/UserProfile.php b/app/Core/User/UserProfile.php
index 8b9ebb718..02c734857 100644
--- a/app/Core/User/UserProfile.php
+++ b/app/Core/User/UserProfile.php
@@ -52,7 +52,9 @@ class UserProfile extends Base
 $profile = $this->userModel->getById($user->getInternalId());
 } elseif ($user->getExternalIdColumn() && $user->getExternalId()) {
 $profile = $this->userSync->synchronize($user);
- $this->groupSync->synchronize($profile['id'], $user->getExternalGroupIds());
+ if (LDAP_GROUP_SYNC) {
+ $this->groupSync->synchronize($profile['id'], $user->getExternalGroupIds());
+ }
 }
 
 if (! empty($profile) && $profile['is_active'] == 1) {
diff --git a/app/constants.php b/app/constants.php
index d201aa00d..c552c836c 100644
--- a/app/constants.php
+++ b/app/constants.php
@@ -92,6 +92,8 @@ defined('LDAP_GROUP_FILTER') or define('LDAP_GROUP_FILTER', getenv('LDAP_GROUP_F
 defined('LDAP_GROUP_USER_FILTER') or define('LDAP_GROUP_USER_FILTER', getenv('LDAP_GROUP_USER_FILTER') ?: '');
 defined('LDAP_GROUP_USER_ATTRIBUTE') or define('LDAP_GROUP_USER_ATTRIBUTE', getenv('LDAP_GROUP_USER_ATTRIBUTE') ?: 'username');
 defined('LDAP_GROUP_ATTRIBUTE_NAME') or define('LDAP_GROUP_ATTRIBUTE_NAME', getenv('LDAP_GROUP_ATTRIBUTE_NAME') ?: 'cn');
+defined('LDAP_GROUP_SYNC') or define('LDAP_GROUP_SYNC', getenv('LDAP_GROUP_SYNC') ?: true);
+
 
 // Proxy authentication
 defined('REVERSE_PROXY_AUTH') or define('REVERSE_PROXY_AUTH', strtolower(getenv('REVERSE_PROXY_AUTH')) === 'true');
diff --git a/config.default.php b/config.default.php
index 9ed83f617..211af61ad 100644
--- a/config.default.php
+++ b/config.default.php
@@ -195,6 +195,9 @@ define('LDAP_GROUP_USER_ATTRIBUTE', 'username');
 // LDAP attribute for the group name
 define('LDAP_GROUP_ATTRIBUTE_NAME', 'cn');
 
+// Enable/Disable groups synchronization when external authentication is used.
+define('LDAP_GROUP_SYNC', true);
+
 // Enable/disable the reverse proxy authentication
 define('REVERSE_PROXY_AUTH', false);
 
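Review bot: The guard added in app/Core/User/UserProfile.php needs a comment on what turning it off means for access control, and its name is narrower than its reach: the branch appears to run for any provider that supplies an external id, not only LDAP (the config comment itself says "external authentication"). With `LDAP_GROUP_SYNC` false, `groupSync->synchronize()` is skipped at login, so local group membership presumably stops following the directory and a user removed from a directory group keeps that membership until someone removes it by hand. I would add above the `if`: `// Groups feed authorization; with sync off, directory removals are not applied here and must be revoked manually.` The enclosing method starts and ends outside the hunk.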
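Review bot: In app/constants.php the new `getenv('LDAP_GROUP_SYNC') ?: true` cannot be switched off from the environment: the string `'false'` is truthy in PHP, and `'0'` or an empty value falls through `?:` to `true`. Only a `define()` in the config file disables sync, so the variable exported by the docker/etc/php7/php-fpm.d/env.conf hunk has no effect as written. Since this flag decides whether directory group membership is applied at login, an operator who sets it to false and sees no change is misled about an access-control setting. Parse it explicitly, as the `REVERSE_PROXY_AUTH` line below does, while keeping the default on: `defined('LDAP_GROUP_SYNC') or define('LDAP_GROUP_SYNC', strtolower((string) getenv('LDAP_GROUP_SYNC')) !== 'false');`.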
diff --git a/docker/etc/php7/php-fpm.d/env.conf b/docker/etc/php7/php-fpm.d/env.conf
index ebd21e98f..c72840b41 100644
--- a/docker/etc/php7/php-fpm.d/env.conf
+++ b/docker/etc/php7/php-fpm.d/env.conf
@@ -154,6 +154,9 @@ env[TOTP_ISSUER] = $TOTP_ISSUER
 ; Comma separated list of fields to not synchronize when using external authentication providers
 env[EXTERNAL_AUTH_EXCLUDE_FIELDS] = $EXTERNAL_AUTH_EXCLUDE_FIELDS
 
+; Enable/Disable groups synchronization when external authentication is used.
+env[LDAP_GROUP_SYNC] = $LDAP_GROUP_SYNC
+
 env[SHOW_GROUP_MEMBERSHIPS_IN_USERLIST] = $SHOW_GROUP_MEMBERSHIPS_IN_USERLIST
 env[SHOW_GROUP_MEMBERSHIPS_IN_USERLIST_WITH_LIMIT] = $SHOW_GROUP_MEMBERSHIPS_IN_USERLIST_WITH_LIMIT
 