diff --git a/README.md b/README.md
index b7810b96aa50a0e07ec0ce3c53b95c317af9c649..a15cacfdd97123d9cf0473443c1e34b261a1c333 100644
--- a/README.md
+++ b/README.md
@@ -14,6 +14,10 @@ Instructions for making it run:
 * Visit your SharePoint and put in your User Guid
 	* You find one from your Coscine database
 	* You should be logged in with that User Guid
+* Set the value "coscine/global/ad/url" in your Consul storage with your Active Directory url
+* Set the value "coscine/global/ad/ou" in your Consul storage with your Active Directory orginizational unit
+* Set the value "coscine/global/ad/username" in your Consul storage with your Active Directory username
+* Set the value "coscine/global/ad/password" in your Consul storage with your Active Directory password
 * Have fun!
 
 For ORCiD:
diff --git a/docs/home.md b/docs/home.md
index 1679b4a7c0f8138faed36fc8a40c6ce4d218c877..bcd015e0b7f02873ea34a62100cc3cf03eb6e03a 100644
--- a/docs/home.md
+++ b/docs/home.md
@@ -14,6 +14,10 @@ Instructions for making it run:
 * Visit your SharePoint and put in your User Guid
 	* You find one from your Coscine database
 	* You should be logged in with that User Guid
+* Set the value "coscine/global/ad/url" in your Consul storage with your Active Directory url
+* Set the value "coscine/global/ad/ou" in your Consul storage with your Active Directory orginizational unit
+* Set the value "coscine/global/ad/username" in your Consul storage with your Active Directory username
+* Set the value "coscine/global/ad/password" in your Consul storage with your Active Directory password
 * Have fun!
 
 ### Links 
diff --git a/src/STS/Controllers/ORCiDController.cs b/src/STS/Controllers/ORCiDController.cs
index bc24587f713377cb3cc7f5bc657ce123d2d4e560..2853fdc1e423fa23caa20d2c2ddb2de5854c424e 100644
--- a/src/STS/Controllers/ORCiDController.cs
+++ b/src/STS/Controllers/ORCiDController.cs
@@ -15,6 +15,8 @@ using System.Net;
 using Microsoft.IdentityModel.Logging;
 using Coscine.ApiCommons.Models;
 using System.Linq;
+using System.DirectoryServices;
+using System.DirectoryServices.AccountManagement;
 
 namespace Coscine.STS.Controllers
 {
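Review bot: The two added directives, `using System.DirectoryServices;` and `using System.DirectoryServices.AccountManagement;`, have no use in the hunks shown for this controller; the only other changes here are the `Trim()` on `DisplayName` and a whitespace edit. If the rest of the file (not visible in the hunk) does not reference them either, drop both. The same question applies to the STS.csproj hunk, which adds the `System.DirectoryServices.AccountManagement` and `System.DirectoryServices.Protocols` packages while the only directory code visible in this commit (`AddToAD`) uses `DirectoryEntry` from `System.DirectoryServices`. Unused packages in a token service are extra dependency surface to patch and audit.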
@@ -67,7 +69,7 @@ namespace Coscine.STS.Controllers
                     UserPlainModel userPlainModel = new UserPlainModel(Program.Configuration);
                     var user = new User
                     {
-                        DisplayName = givenname + " " + surname,
+                        DisplayName = (givenname + " " + surname).Trim(),
                         EmailAddress = ORCiD + "@orcid.org",
                         Surname = surname,
                         Givenname = givenname
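Review bot: `(givenname + " " + surname).Trim()` yields an empty `DisplayName` when both names are missing, and that value later reaches `newUser.Properties["displayName"].Value = user.DisplayName` in `AddToAD`, which has no whitespace guard, unlike `givenName` and `sn`. An empty attribute value is likely to be rejected when the entry is committed to the directory, and the same string is also used for the name claim. Consider a fallback here, for example `DisplayName = string.IsNullOrWhiteSpace(givenname + surname) ? ORCiD : (givenname + " " + surname).Trim(),`, or guard the `displayName` assignment the same way as the other two attributes. The object initializer sits in a method that starts and ends outside the hunk.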
@@ -79,7 +81,7 @@ namespace Coscine.STS.Controllers
                         ExternalAuthenticatorId = orcidAuthItem.Id,
                         UserId = user.Id
                     });
-                    userId = user.Id;
+                    userId = user.Id;                    
                 }
 
                 var identityClaims = new[] { new System.Security.Claims.Claim(System.IdentityModel.Claims.ClaimTypes.Name, userId.ToString()) };
diff --git a/src/STS/STS.csproj b/src/STS/STS.csproj
index e5478a9a3d328587e14910c1fb9e1f80256b0a69..c62bfd23ab5b755f144137237750d3e244b99755 100644
--- a/src/STS/STS.csproj
+++ b/src/STS/STS.csproj
@@ -9,8 +9,8 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Coscine.ApiCommons" Version="1.2.1" />
-    <PackageReference Include="Coscine.Database" Version="1.5.1" />
+    <PackageReference Include="Coscine.ApiCommons" Version="1.2.2" />
+    <PackageReference Include="Coscine.Database" Version="1.10.0" />
     <PackageReference Include="Microsoft.AspNetCore" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.Abstractions" Version="2.2.0" />
@@ -21,6 +21,9 @@
     <PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="2.2.0" />
     <PackageReference Include="Microsoft.IdentityModel" Version="7.0.0" />
     <PackageReference Include="Microsoft.NET.Sdk.Razor" Version="2.2.0" />
+    <PackageReference Include="System.DirectoryServices" Version="4.6.0" />
+    <PackageReference Include="System.DirectoryServices.AccountManagement" Version="4.6.0" />
+    <PackageReference Include="System.DirectoryServices.Protocols" Version="4.6.0" />
     <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="5.5.0" />
   </ItemGroup>
 
diff --git a/src/STS/Security/CustomSecurityTokenService.cs b/src/STS/Security/CustomSecurityTokenService.cs
index 97e76c0deec88038d2ce75de75eb9180393ed1c4..203654075ca721e7dad0409a2741ba498f2490d2 100644
--- a/src/STS/Security/CustomSecurityTokenService.cs
+++ b/src/STS/Security/CustomSecurityTokenService.cs
@@ -1,6 +1,7 @@
 using Coscine.ApiCommons.Models;
 using System;
 using System.Configuration;
+using System.DirectoryServices;
 using System.IdentityModel;
 using System.IdentityModel.Configuration;
 using System.IdentityModel.Protocols.WSTrust;
@@ -77,6 +78,8 @@ namespace Coscine.STS.Security
             UserPlainModel userPlainModel = new UserPlainModel(Program.Configuration);
             var user = userPlainModel.GetById(Guid.Parse(principal.Identity.Name));
 
+            AddToAD(user);
+
             var claims = new[]
                 {
                     new Claim(System.IdentityModel.Claims.ClaimTypes.Name, user.DisplayName),
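Review bot: `AddToAD(user)` runs unconditionally and synchronously before the claims are built, and nothing visible around the call handles directory errors, so an unreachable domain controller or a missing OU would presumably fail token issuance for a user who has already authenticated. It also repeats a bind and two lookups on every pass through this path. Decide whether directory provisioning is a precondition for sign-in; if it is not, isolate the failure, e.g. `try { AddToAD(user); } catch (COMException ex) { /* log and continue */ }`, and consider skipping the call once the account is known to exist. The enclosing method starts and ends outside the hunk, so an outer handler may already exist.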
@@ -91,6 +94,49 @@ namespace Coscine.STS.Security
             return identity;
         }
 
+        private static void AddToAD(Database.Model.User user)
+        {
+            // If keys exist
+            if (Program.Configuration.KeysAndWait("coscine/global/ad") != null)
+            {
+                var adUsername = Program.Configuration.GetStringAndWait("coscine/global/ad/username");
+                var adPassword = Program.Configuration.GetStringAndWait("coscine/global/ad/password");
+
+                using (DirectoryEntry directoryEntry = new DirectoryEntry("LDAP://" + Program.Configuration.GetStringAndWait("coscine/global/ad/url"), adUsername, adPassword))
+                {
+                    using (var coscineEntry = directoryEntry.Children.Find("OU=" + Program.Configuration.GetStringAndWait("coscine/global/ad/ou")))
+                    {
+                        try
+                        {
+                            // Check if user already exists in AD
+                            coscineEntry.Children.Find("CN=" + user.Id);
+                        }
+                        catch (DirectoryServicesCOMException)
+                        {
+                            using (var newUser = coscineEntry.Children.Add("CN=" + user.Id, "User"))
+                            {
+                                newUser.Properties["sAMAccountName"].Value = user.Id.ToString().Substring(0, 20);
+                                if (!string.IsNullOrWhiteSpace(user.Givenname))
+                                {
+                                    newUser.Properties["givenName"].Value = user.Givenname;
+                                }
+                                if (!string.IsNullOrWhiteSpace(user.Surname))
+                                {
+                                    newUser.Properties["sn"].Value = user.Surname;
+                                }
+                                newUser.Properties["displayName"].Value = user.DisplayName;
+                                newUser.Properties["mail"].Value = user.EmailAddress;
+                                newUser.Properties["uid"].Value = user.Id.ToString();
+                                newUser.Properties["userPrincipalName"].Value = user.Id.ToString() + "@" + Program.Configuration.GetStringAndWait("coscine/global/ad/url");
+
+                                newUser.CommitChanges();
+                            }
+                        }
+                    }
+                }
+            }
+        }
+
         public static X509Certificate2 GetCertificate()
         {
             var pfx = Program.Configuration.GetAndWait("coscine/global/sts/pfx");
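Review bot: The existence check in `AddToAD` treats every `DirectoryServicesCOMException` from `coscineEntry.Children.Find("CN=" + user.Id)` as "user not found", so an access-denied or server-side error also falls through to `Children.Add`, and the entry returned on success is never disposed. A one-level `DirectorySearcher` whose `FindOne()` returns null for a missing entry separates the two cases, as sketched below. The `DirectoryEntry` bind passes the service account's credentials without an `AuthenticationTypes` argument, so it is worth confirming that the connection is signed and sealed (or uses LDAPS) rather than relying on the default. The new entry is committed with no password or `userAccountControl` set, so the account state the directory assigns should be confirmed as intended. `Substring(0, 20)` keeps only a prefix of the id for `sAMAccountName`, which presumably has to be unique, so two ids sharing that prefix would make `CommitChanges` fail.

```csharp
using (var coscineEntry = directoryEntry.Children.Find("OU=" + Program.Configuration.GetStringAndWait("coscine/global/ad/ou")))
using (var searcher = new DirectorySearcher(coscineEntry, "(cn=" + user.Id + ")"))
{
    searcher.SearchScope = SearchScope.OneLevel;

    // FindOne returns null when nothing matches; real directory errors still throw.
    if (searcher.FindOne() != null)
    {
        return;
    }

    using (var newUser = coscineEntry.Children.Add("CN=" + user.Id, "User"))
    {
        // … unchanged: attribute assignments and CommitChanges …
    }
}
```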