diff --git a/src/ui/api/user.go b/src/ui/api/user.go
index 7b023b9dc..17def3bf1 100644
--- a/src/ui/api/user.go
+++ b/src/ui/api/user.go
@@ -241,6 +241,12 @@ func (ua *UserAPI) Delete() {
 		return
 	}
 
+	// TODO read from conifg
+	authMode := os.Getenv("AUTH_MODE")
+	if authMode == "ldap_auth" {
+		ua.CustomAbort(http.StatusForbidden, "user can not be deleted in LDAP authentication mode")
+	}
+
 	if ua.currentUserID == ua.userID {
 		ua.CustomAbort(http.StatusForbidden, "can not delete yourself")
 	}