diff --git a/group_vars/dnagw.yml b/group_vars/dnagw.yml
index 980ec34..dcb6654 100644
--- a/group_vars/dnagw.yml
+++ b/group_vars/dnagw.yml
@@ -52,6 +52,10 @@ firewall_src: pf.conf.gw_dna.j2
 # unbound config
 unbound_config: unbound.conf.dna.j2
 
+# get extra hosts from ldap
+dhcpd_ldap_filter: >-
+  (&(objectClass=ieee802Device)(objectClass=ipHost)(cn=*.{{ intdomain }}))
+
 # ifstated config
 ifstated_config: ifstated-dna.conf.j2
 
diff --git a/roles/dhcpd/templates/dhcpd.conf.j2 b/roles/dhcpd/templates/dhcpd.conf.j2
index 400b3c6..e7c83be 100644
--- a/roles/dhcpd/templates/dhcpd.conf.j2
+++ b/roles/dhcpd/templates/dhcpd.conf.j2
@@ -65,3 +65,11 @@ host {{ hostname }} {
 {%     endfor %}
 {%   endif %}
 {% endfor %}
+
+{% for host in ldap_hosts.results %}
+host {{ host['cn'] }} {
+    option host-name "{{ host['cn'] }}";
+    hardware ethernet {{ host['macAddress'] }};
+    fixed-address {{ host['ipHostNumber'] }};
+}
+{% endfor %}