diff --git a/Gemfile b/Gemfile
index 46c7bbfe..f254f255 100644
--- a/Gemfile
+++ b/Gemfile
@@ -48,7 +48,7 @@ gem 'omniauth'
 gem 'omniauth-twitter'
 gem 'omniauth-google-oauth2'
 gem 'omniauth-bn-office365', git: 'https://github.com/blindsidenetworks/omniauth-bn-office365.git', tag: '0.1.0'
-gem 'omniauth-bn-launcher', git: 'https://github.com/blindsidenetworks/omniauth-bn-launcher.git', tag: '0.1.1'
+gem 'omniauth-bn-launcher', git: 'https://github.com/blindsidenetworks/omniauth-bn-launcher.git', tag: '0.1.2'
 gem 'bn-ldap-authentication', git: 'https://github.com/blindsidenetworks/bn-ldap-authentication.git'
 gem 'net-ldap'
 
diff --git a/Gemfile.lock b/Gemfile.lock
index e2cf0654..4fa74d53 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,16 +1,16 @@
 GIT
   remote: https://github.com/blindsidenetworks/bn-ldap-authentication.git
-  revision: 538132e0df70dbe470120f7bc7a93968c522031f
+  revision: 9b93c64f106675755577f45d1fe520ca5405d522
   specs:
-    bn-ldap-authentication (1.0.0)
+    bn-ldap-authentication (1.0.1)
       net-ldap
 
 GIT
   remote: https://github.com/blindsidenetworks/omniauth-bn-launcher.git
-  revision: 025785046c3d532ed2252ef4762469c8d08d4839
-  tag: 0.1.1
+  revision: 4f43f9df48f92c209176ab487fc9b45bbb660b9b
+  tag: 0.1.2
   specs:
-    omniauth-bn-launcher (0.1.1)
+    omniauth-bn-launcher (0.1.2)
       omniauth (~> 1.3, >= 1.3.2)
       omniauth-oauth2 (= 1.5.0)
 
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index f4de6416..da89f3d2 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -81,7 +81,7 @@ class SessionsController < ApplicationController
       return redirect_to(ldap_signin_path, alert: I18n.t("invalid_credentials"))
     end
 
-    @auth = parse_auth(result)
+    @auth = parse_auth(result, ENV['LDAP_ROLE_FIELD'])
 
     process_signin
   end
diff --git a/sample.env b/sample.env
index 9cd2100e..62e6f6ac 100644
--- a/sample.env
+++ b/sample.env
@@ -59,6 +59,7 @@ OFFICE365_HD=
 #   LDAP_BASE=dc=example,dc=com
 #   LDAP_BIND_DN=cn=admin,dc=example,dc=com
 #   LDAP_PASSWORD=password
+#   LDAP_ROLE_FIELD=ou
 LDAP_SERVER=
 LDAP_PORT=
 LDAP_METHOD=
@@ -66,6 +67,7 @@ LDAP_UID=
 LDAP_BASE=
 LDAP_BIND_DN=
 LDAP_PASSWORD=
+LDAP_ROLE_FIELD=
 
 # Set this to true if you want GreenLight to support user signup and login without
 # Omniauth. For more information, see: