diff --git a/conf/config.inc.php b/conf/config.inc.php
index 9250b05..f0bd618 100644
--- a/conf/config.inc.php
+++ b/conf/config.inc.php
@@ -31,6 +31,8 @@
$ldap_base = "dc=example,dc=com";
$ldap_user_base = "ou=users,".$ldap_base;
$ldap_user_filter = "(objectClass=inetOrgPerson)";
+$ldap_ppolicy_filter = "(objectClass=pwdPolicy)";
+$ldap_ppolicy_name_attribute = "cn";
$ldap_size_limit = 100;
#$ldap_default_ppolicy = "cn=default,ou=ppolicy,dc=example,dc=com";
$ldap_lastauth_attribute = "authTimestamp";
@@ -67,6 +69,7 @@
'pwdchangedtime' => array( 'attribute' => 'pwdchangedtime', 'faclass' => 'lock', 'type' => 'date' ),
'pwdfailuretime' => array( 'attribute' => 'pwdfailuretime', 'faclass' => 'lock', 'type' => 'date' ),
'pwdlastsuccess' => array( 'attribute' => 'pwdlastsuccess', 'faclass' => 'lock', 'type' => 'date' ),
+ 'pwdpolicysubentry' => array( 'attribute' => 'pwdpolicysubentry', 'faclass' => 'lock', 'type' => 'ppolicy_dn' ),
'pwdreset' => array( 'attribute' => 'pwdreset', 'faclass' => 'lock', 'type' => 'boolean' ),
'secretary' => array( 'attribute' => 'secretary', 'faclass' => 'user-circle-o', 'type' => 'dn_link' ),
'state' => array( 'attribute' => 'st', 'faclass' => 'globe', 'type' => 'text' ),
diff --git a/docs/ldap-parameters.rst b/docs/ldap-parameters.rst
index 92845db..5627d81 100644
--- a/docs/ldap-parameters.rst
+++ b/docs/ldap-parameters.rst
@@ -75,8 +75,20 @@ It is advised to set a search limit on client side if no limit is set by the ser
$ldap_size_limit = 100;
-Default password policy
------------------------
+Password policies
+-----------------
+
+Configure the filter to match password policy configuration objects:
+
+.. code-block:: php
+
+ $ldap_ppolicy_filter = "(objectClass=pwdPolicy)";
+
+Define which attribute value will be displayed as password policy name:
+
+.. code-block:: php
+
+ $ldap_ppolicy_name_attribute = "cn";
Set ``$ldap_default_ppolicy`` value if a default policy is configured in your LDAP directory.
diff --git a/htdocs/display.php b/htdocs/display.php
index 4530157..2bd3ce9 100644
--- a/htdocs/display.php
+++ b/htdocs/display.php
@@ -93,6 +93,11 @@
$entry[0][$attr] = $values;
}
+ # Include default password policy
+ if ( !$entry[0]['pwdpolicysubentry'] and $ldap_default_ppolicy) {
+ $entry[0]['pwdpolicysubentry'][] = $ldap_default_ppolicy;
+ }
+
if ($display_edit_link) {
# Replace {dn} in URL
$edit_link = str_replace("{dn}", urlencode($dn), $display_edit_link);
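Review bot: The added condition `!$entry[0]['pwdpolicysubentry']` reads an array key and a variable that may both be undefined: the key is missing for entries that do not carry the attribute, and `$ldap_default_ppolicy` is still commented out in conf/config.inc.php in this same commit. On PHP 8 each of those reads raises a warning, which can leak paths into the rendered page when error display is on. I would write the guard as `if ( empty($entry[0]['pwdpolicysubentry']) and !empty($ldap_default_ppolicy) ) {`. The same unguarded read of `$ldap_default_ppolicy` occurs in the `ldap_params` array in htdocs/index.php, where `isset($ldap_default_ppolicy) ? $ldap_default_ppolicy : null` would avoid it. The enclosing block starts outside this hunk.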
diff --git a/htdocs/index.php b/htdocs/index.php
index 3435c71..ec92eb9 100644
--- a/htdocs/index.php
+++ b/htdocs/index.php
@@ -48,7 +48,7 @@
# Assign configuration variables
$smarty->assign("page_title", false);
-$smarty->assign('ldap_params',array('ldap_url' => $ldap_url, 'ldap_starttls' => $ldap_starttls, 'ldap_binddn' => $ldap_binddn, 'ldap_bindpw' => $ldap_bindpw, 'ldap_user_base' => $ldap_user_base, 'ldap_user_filter' => $ldap_user_filter));
+$smarty->assign('ldap_params',array('ldap_url' => $ldap_url, 'ldap_starttls' => $ldap_starttls, 'ldap_binddn' => $ldap_binddn, 'ldap_bindpw' => $ldap_bindpw, 'ldap_user_base' => $ldap_user_base, 'ldap_user_filter' => $ldap_user_filter, 'ldap_ppolicy_filter' => $ldap_ppolicy_filter, 'ldap_ppolicy_name_attribute' => $ldap_ppolicy_name_attribute, 'ldap_default_ppolicy' => $ldap_default_ppolicy));
$smarty->assign('logo',$logo);
$smarty->assign('background_image',$background_image);
$smarty->assign('custom_css',$custom_css);
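Review bot: The `ldap_params` array on the changed line has no `ldap_network_timeout` key, yet the new `ppolicy_dn` branch in templates/value_displayer.tpl passes `{$ldap_params.ldap_network_timeout}` to `get_attribute`, so that lookup receives an empty timeout. If the configuration defines a network timeout setting (not visible on this page), it should be added to the array alongside the new keys. Separately, the array already carries `ldap_bindpw`, which makes the service account password readable from every template, and this commit adds another template path that depends on it. A follow-up that lets the plugin read the connection settings on the PHP side would keep the credential out of template scope.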
diff --git a/lang/en.inc.php b/lang/en.inc.php
index f808d15..493600a 100644
--- a/lang/en.inc.php
+++ b/lang/en.inc.php
@@ -58,6 +58,7 @@
$messages['label_pwdaccountlockedtime'] = "Locking date";
$messages['label_pwdchangedtime'] = "Last password change";
$messages['label_pwdfailuretime'] = "Last authentication failures";
+$messages['label_pwdpolicysubentry'] = "Associated password policy";
$messages['label_pwdreset'] = "Reset password at next connection";
$messages['label_secretary'] = "Secretary";
$messages['label_state'] = "State";
diff --git a/lang/fr.inc.php b/lang/fr.inc.php
index 41df712..ca3ecb8 100644
--- a/lang/fr.inc.php
+++ b/lang/fr.inc.php
@@ -58,6 +58,7 @@
$messages['label_pwdaccountlockedtime'] = "Date de blocage";
$messages['label_pwdchangedtime'] = "Dernier changement de mot de passe";
$messages['label_pwdfailuretime'] = "Derniers échecs d'authentification";
+$messages['label_pwdpolicysubentry'] = "Politique des mots de passe associée";
$messages['label_pwdreset'] = "Réinitialisation du mot de passe à la prochaine connexion";
$messages['label_secretary'] = "Secrétaire";
$messages['label_state'] = "État";
diff --git a/templates/value_displayer.tpl b/templates/value_displayer.tpl
index e915541..0a4384c 100644
--- a/templates/value_displayer.tpl
+++ b/templates/value_displayer.tpl
@@ -38,6 +38,11 @@
{/if}
{/if}
+{if $type eq 'ppolicy_dn'}
+ {assign var="name" value="{{get_attribute dn="{$value}" attribute="{$ldap_params.ldap_ppolicy_name_attribute}" ldap_url="{$ldap_params.ldap_url}" ldap_starttls="{$ldap_params.ldap_starttls}" ldap_binddn="{$ldap_params.ldap_binddn}" ldap_bindpw="{$ldap_params.ldap_bindpw}" ldap_filter="{$ldap_params.ldap_ppolicy_filter}" ldap_network_timeout="{$ldap_params.ldap_network_timeout}"}|truncate:{$truncate_value_after}}"}
+ {if $name}{$name}
{/if}
+{/if}
+
{if $type eq 'address'}
{foreach split_value($value,'$') as $fragment}
{$fragment|truncate:{$truncate_value_after}}
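Review bot: `{$name}` prints a value fetched from the directory (the policy entry's naming attribute) with no explicit escape. Unless `escape_html` is enabled on the Smarty instance, which this hunk does not show, markup stored in that attribute would be rendered as HTML in the operator's browser. If auto-escaping is off, use `{$name|escape}` here. Each `ppolicy_dn` value also triggers its own `get_attribute` call with the bind DN and password taken from template variables, so a short comment above the `assign` stating that it does one directory read per displayed value would help maintainers. The surrounding template continues outside this hunk.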