diff --git a/util/db-mysql.sql b/util/db-mysql.sql index d26577b..e10f9e7 100644 --- a/util/db-mysql.sql +++ b/util/db-mysql.sql @@ -297,6 +297,7 @@ `id` bigint unsigned not null auto_increment, `ts` int not null, `email` varchar(128) not null, + `domain` varchar(128) not null, `action` int not null, `ipaddr` char(15) not null, `meta_id` bigint unsigned not null, @@ -309,6 +310,7 @@ create index `audit_idx2` on `audit`(`action`); create index `audit_idx3` on `audit`(`ipaddr`); create index `audit_idx4` on `audit`(`ts`); +create index `audit_idx5` on `audit`(`domain`); @@ -345,3 +347,14 @@ ) ENGINE=InnoDB; +create table if not exists `ldap` ( + `id` int not null auto_increment primary key, + `description` varchar(255) not null, + `ldap_type` varchar(255) not null, + `ldap_host` varchar(255) not null, + `ldap_base_dn` varchar(255) not null, + `ldap_bind_dn` varchar(255) not null, + `ldap_bind_pw` varchar(255) not null +) Engine=InnoDB; + + diff --git a/util/db-upgrade-0.1.23-vs-0.1.24.sql b/util/db-upgrade-0.1.23-vs-0.1.24.sql new file mode 100644 index 0000000..50ceff2 --- /dev/null +++ b/util/db-upgrade-0.1.23-vs-0.1.24.sql @@ -0,0 +1,18 @@ +alter table `domain` add column `ldap_id` int default 0; + +alter table `audit` add column `domain` varchar(128) not null, + +create index `audit_idx5` on `audit`(`domain`); + +create table if not exists `ldap` ( + `id` int not null auto_increment primary key, + `description` varchar(255) not null, + `ldap_type` varchar(255) not null, + `ldap_host` varchar(255) not null, + `ldap_base_dn` varchar(255) not null, + `ldap_bind_dn` varchar(255) not null, + `ldap_bind_pw` varchar(255) not null +) Engine=InnoDB; + + + diff --git a/webui/config.php b/webui/config.php index e93ec58..13dfc5b 100644 --- a/webui/config.php +++ b/webui/config.php 
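Review bot: `ldap_bind_pw` in the new `ldap` table is a plain `varchar(255)`, which suggests the directory bind password is kept in recoverable form. Whether the application encrypts it before storing is not visible in this diff. Anyone who can read this table or a database dump would then hold a working directory credential, so the bind account should be a dedicated read-only one and read access to the table kept narrow. A column comment such as `-- directory bind credential; restrict read access to this table` would record that expectation. The same definition is repeated in util/db-upgrade-0.1.23-vs-0.1.24.sql.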
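Review bot: In util/db-upgrade-0.1.23-vs-0.1.24.sql the `alter table ... add column ... not null,` statement ends with a comma instead of a semicolon. The following `create index` is therefore parsed as part of the same statement and the upgrade will most likely stop with a syntax error; the line should end `not null;`. Existing audit rows also receive no domain value, so they would not match the new per-domain filter applied to auditors. A backfill such as `update audit set domain = substring_index(email, '@', -1);` before the index is created would cover them. The script also adds `ldap_id` to `domain`, but the matching change to the base schema is not among the db-mysql.sql hunks shown here.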
@@ -229,7 +229,10 @@ if(isset($_SESSION['theme']) && preg_match("/^([a-zA-Z0-9\-\_]+)$/", $_SESSION['theme'])) { $config['THEME'] = $_SESSION['theme']; } // make sure auditors are restricted in a saas environment -if($config['ENABLE_SAAS'] == 1 && $_SESSION['username'] != 'auditor@local') { $config['RESTRICTED_AUDITOR'] = 1; } +if($config['ENABLE_SAAS'] == 1) { $config['RESTRICTED_AUDITOR'] = 1; } +if(isset($_SESSION['username']) && $_SESSION['username'] == 'auditor@local') { $config['RESTRICTED_AUDITOR'] = 0; } + + foreach ($config as $k => $v) { define($k, $v); diff --git a/webui/controller/audit/audit.php b/webui/controller/audit/audit.php index 895cad5..d374ea5 100644 --- a/webui/controller/audit/audit.php +++ b/webui/controller/audit/audit.php @@ -14,7 +14,7 @@ $this->load->model('audit/audit'); - if(Registry::get('admin_user') == 0) { + if(Registry::get('admin_user') == 0 && Registry::get('auditor_user') == 0) { die("go away"); } diff --git a/webui/controller/audit/helper.php b/webui/controller/audit/helper.php index d42eb79..786c38d 100644 --- a/webui/controller/audit/helper.php +++ b/webui/controller/audit/helper.php @@ -28,7 +28,7 @@ $this->load->model('audit/audit'); - if(Registry::get('admin_user') == 0) { + if(Registry::get('admin_user') == 0 && Registry::get('auditor_user') == 0) { die("go away"); } diff --git a/webui/controller/login/login.php b/webui/controller/login/login.php index 0757c5b..1746be7 100644 --- a/webui/controller/login/login.php +++ b/webui/controller/login/login.php @@ -24,6 +24,7 @@ $this->load->model('user/auth'); $this->load->model('user/user'); $this->load->model('user/prefs'); + $this->load->model('domain/domain'); $this->load->model('folder/folder'); if(ENABLE_SAAS == 1) { diff --git a/webui/model/audit/audit.php b/webui/model/audit/audit.php index 49b7252..bc8477f 100644 --- a/webui/model/audit/audit.php +++ b/webui/model/audit/audit.php 
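Review bot: The second added line in webui/config.php clears `RESTRICTED_AUDITOR` for any session whose username is `auditor@local`, and it now does so even when `ENABLE_SAAS` is 0, where the old condition left the configured value untouched. The exemption rests on a hard-coded account name compared with `==`. A strict comparison, `$_SESSION['username'] === 'auditor@local'`, would rule out type juggling, and it is worth confirming that no external authentication backend can yield that username. A comment such as `// the built-in auditor account is never restricted, regardless of ENABLE_SAAS` would record whether the wider scope is intended.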
@@ -40,6 +40,19 @@ $where .= " AND meta_id IN (" . $this->append_search_criteria($data['ref'], $arr) . ")"; } + if(Registry::get('admin_user') == 0) { + while(list($k, $v) = each($_SESSION['auditdomains'])) { + if($q) { $q .= ","; } + $q .= "?"; + array_push($arr, $v); + } + + $where .= " AND domain IN ($q) "; + + reset($_SESSION['auditdomains']); + } + + if(isset($data['date1'])) { $date1 = $data['date1']; } if(isset($data['date2'])) { $date2 = $data['date2']; } diff --git a/webui/model/domain/domain.php b/webui/model/domain/domain.php index 3d19caa..43bd422 100644 --- a/webui/model/domain/domain.php +++ b/webui/model/domain/domain.php @@ -39,6 +39,25 @@ } + public function get_your_all_domains_by_email($email = '') { + $data = array(); + + if($email == '') { return $data; } + + $a = explode("@", $email); + + $query = $this->db->query("SELECT domain FROM " . TABLE_DOMAIN . " WHERE mapped IN (SELECT mapped FROM " . TABLE_DOMAIN . " WHERE domain=?)", array($a[1])); + + if(isset($query->rows)) { + foreach ($query->rows as $q) { + array_push($data, $q['domain']); + } + } + + return $data; + } + + public function deleteDomain($domain = '') { if($domain == "") { return 0; } diff --git a/webui/model/user/auth.php b/webui/model/user/auth.php index 7849d8f..d59de3b 100644 --- a/webui/model/user/auth.php +++ b/webui/model/user/auth.php @@ -232,7 +232,7 @@ $_SESSION['domain'] = $a[1]; $_SESSION['realname'] = $name; - $_SESSION['auditdomains'] = array(); + $_SESSION['auditdomains'] = $this->model_domain_domain->get_your_all_domains_by_email($email); $_SESSION['emails'] = $emails; $_SESSION['folders'] = array(); $_SESSION['extra_folders'] = array(); diff --git a/webui/system/misc.php b/webui/system/misc.php index bf8a2f6..57ec602 100644 --- a/webui/system/misc.php +++ b/webui/system/misc.php 
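Review bot: When `$_SESSION['auditdomains']` is empty the loop in webui/model/audit/audit.php adds nothing and the clause becomes `domain IN ()`, which MySQL rejects. That is the case for a non-admin whose domain the lookup does not find, and for sessions created before this change, which still hold the old empty array. `$q` is not initialised inside the hunk, so unless the enclosing function (which starts outside the hunk) sets it, `if($q)` reads an undefined variable. `each()` is also deprecated since PHP 7.2 and removed in PHP 8. I would build the placeholder list from a local copy and make the empty case match no rows explicitly, as below.

```php
if(Registry::get('admin_user') == 0) {
   $domains = isset($_SESSION['auditdomains']) ? (array)$_SESSION['auditdomains'] : array();

   if(count($domains) == 0) {
      // no audit domains for this session: match nothing instead of emitting "IN ()"
      $where .= " AND 1=0 ";
   }
   else {
      $where .= " AND domain IN (" . implode(",", array_fill(0, count($domains), "?")) . ") ";
      foreach($domains as $v) { array_push($arr, $v); }
   }
}
```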
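Review bot: In `get_your_all_domains_by_email()` `$a[1]` is used without checking that `$email` contains an `@`, so an address with no domain part passes a null value to the query. Adding `if(count($a) != 2) { return $data; }` after the `explode()` would return the empty list instead. The same unchecked `$a[1]` is in the audit insert in webui/system/misc.php, where a null domain meets the new `not null` column. Depending on the SQL mode the row may be rejected, so events logged for malformed usernames could go unrecorded; `$domain = isset($a[1]) ? $a[1] : '';` would keep the row. The helper returns every domain sharing the caller's `mapped` value, which becomes the auditor's visibility scope, and a docstring saying so would help the next reader.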
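Review bot: The new assignment in webui/model/user/auth.php calls `$this->model_domain_domain`, which exists only if the caller has loaded `domain/domain` first. This commit adds that load to webui/controller/login/login.php, but other callers of this authentication code are not visible in the diff, and any that skip the load would fail here on a null object. A comment above the line, `// requires model domain/domain to be loaded by the calling controller`, would make the dependency explicit. The enclosing function starts and ends outside the hunk.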
@@ -26,9 +26,11 @@ if($ipaddr == '' && isset($_SERVER['REMOTE_ADDR'])) { $ipaddr = $_SERVER['REMOTE_ADDR']; } if($email == '') { $email = $_SESSION['email']; } + $a = explode("@", $email); + $db = Registry::get('db'); - $query = $db->query("INSERT INTO " . TABLE_AUDIT . " (ts, email, action, ipaddr, meta_id, description) VALUES(?,?,?,?,?,?)", array(time(), $email, $action, $ipaddr, $id, $description)); + $query = $db->query("INSERT INTO " . TABLE_AUDIT . " (ts, email, domain, action, ipaddr, meta_id, description) VALUES(?,?,?,?,?,?,?)", array(time(), $email, $a[1], $action, $ipaddr, $id, $description)); return $db->countAffected(); } diff --git a/webui/view/theme/default/templates/common/menu.tpl b/webui/view/theme/default/templates/common/menu.tpl index ffb3a89..5bb47fd 100644 --- a/webui/view/theme/default/templates/common/menu.tpl +++ b/webui/view/theme/default/templates/common/menu.tpl @@ -48,6 +48,11 @@
  •  
  • + +
  •  
  • + + +
  •