diff --git a/DOCUMENTATION.md b/DOCUMENTATION.md index a5334ba6..16b4518b 100644 --- a/DOCUMENTATION.md +++ b/DOCUMENTATION.md @@ -1060,6 +1060,16 @@ The path to the CA file in pem format which is used to certificate the server ce Default: +##### ldap_ignore_attribute_create_modify_timestamp + +_(>= 3.5.1)_ + +Add modifyTimestamp and createTimestamp to the exclusion list of internal ldap3 client +so that these schema attributes are not checked. This is needed for Authentik since +Authentik does not provide these both attributes. + +Default: false + ##### dovecot_connection_type = AF_UNIX _(>= 3.4.1)_ diff --git a/config b/config index 6df01d9f..273763de 100644 --- a/config +++ b/config @@ -74,6 +74,9 @@ ## Expiration time of caching failed logins in seconds #cache_failed_logins_expiry = 90 +# Ignore modifyTimestamp and createTimestamp attributes. Needed if Authentik LDAP server is used. Uncomment then. +#ldap_ignore_attribute_create_modify_timestamp = true + # URI to the LDAP server #ldap_uri = ldap://localhost diff --git a/radicale/auth/ldap.py b/radicale/auth/ldap.py index a4c73808..da84225f 100644 --- a/radicale/auth/ldap.py +++ b/radicale/auth/ldap.py @@ -63,6 +63,12 @@ class Auth(auth.BaseAuth): self.ldap = ldap except ImportError as e: raise RuntimeError("LDAP authentication requires the ldap3 module") from e + + self._ldap_ignore_attribute_create_modify_timestamp = configuration.get("auth", "ldap_ignore_attribute_create_modify_timestamp") + if self._ldap_ignore_attribute_create_modify_timestamp: + self.ldap3.utils.config._ATTRIBUTES_EXCLUDED_FROM_CHECK.extend(['createTimestamp', 'modifyTimestamp']) + logger.info("auth.ldap_ignore_attribute_create_modify_timestamp applied") + self._ldap_uri = configuration.get("auth", "ldap_uri") self._ldap_base = configuration.get("auth", "ldap_base") self._ldap_reader_dn = configuration.get("auth", "ldap_reader_dn") diff --git a/radicale/config.py b/radicale/config.py index e683cb5b..e74832cd 100644 --- a/radicale/config.py 
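Review bot: The block added to `Auth.__init__` in `radicale/auth/ldap.py` extends `self.ldap3.utils.config._ATTRIBUTES_EXCLUDED_FROM_CHECK` in place, which is a private module-level list. The exclusion is therefore process-wide, is appended again each time an `Auth` object is constructed, and depends on an ldap3 internal that may change between releases. The context line `self.ldap = ldap` suggests a fallback import path on which `self.ldap3` may never be assigned; if so, enabling the option there raises `AttributeError` at start-up, but the beginning of `__init__` is outside the hunk, so this needs confirming. ldap3 exposes `get_config_parameter` and `set_config_parameter` for `ATTRIBUTES_EXCLUDED_FROM_CHECK`, and using them with a membership test keeps the change idempotent, as sketched below. The documentation should also say that the attribute check is relaxed for every ldap3 connection in the process, not only for Radicale's auth lookups.

```python
        self._ldap_ignore_attribute_create_modify_timestamp = configuration.get("auth", "ldap_ignore_attribute_create_modify_timestamp")
        if self._ldap_ignore_attribute_create_modify_timestamp:
            if not hasattr(self, "ldap3"):
                # Option only applies to the ldap3 client; do not fail start-up on the fallback module.
                logger.warning("auth.ldap_ignore_attribute_create_modify_timestamp has no effect without the ldap3 module")
            else:
                # Go through ldap3's public config accessors and add each name at most once.
                excluded = list(self.ldap3.get_config_parameter("ATTRIBUTES_EXCLUDED_FROM_CHECK"))
                for attribute in ("createTimestamp", "modifyTimestamp"):
                    if attribute not in excluded:
                        excluded.append(attribute)
                self.ldap3.set_config_parameter("ATTRIBUTES_EXCLUDED_FROM_CHECK", excluded)
                logger.info("auth.ldap_ignore_attribute_create_modify_timestamp applied")
        # … unchanged: remaining ldap_* configuration reads …
```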
+++ b/radicale/config.py @@ -259,6 +259,10 @@ DEFAULT_CONFIG_SCHEMA: types.CONFIG_SCHEMA = OrderedDict([ "value": "1", "help": "incorrect authentication delay", "type": positive_float}), + ("ldap_ignore_attribute_create_modify_timestamp", { + "value": "false", + "help": "Ignore modifyTimestamp and createTimestamp attributes. Need if Authentik LDAP server is used.", + "type": bool}), ("ldap_uri", { "value": "ldap://localhost", "help": "URI to the ldap server",
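Review bot: The `help` string of the new `ldap_ignore_attribute_create_modify_timestamp` entry reads "Need if Authentik LDAP server is used" and says the attributes are ignored, whereas the code in `radicale/auth/ldap.py` excludes them from ldap3's attribute check through a module-level setting. I would reword it to `"help": "Exclude createTimestamp and modifyTimestamp from the ldap3 attribute check (needed if Authentik LDAP server is used)",` so the help output matches the behaviour and the wording in the sample `config`. The `DEFAULT_CONFIG_SCHEMA` definition starts and ends outside the hunk.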