diff --git a/.gitignore b/.gitignore
index 25325b37890..accc24d84cd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -43,6 +43,7 @@ fig.yml
 docker-compose.yml
 docker-compose.yaml
 /conf/provisioning/**/custom.yaml
+/conf/ldap_dev.toml
 profile.cov
 /grafana
 /local
diff --git a/docker/blocks/openldap/entrypoint.sh b/docker/blocks/openldap/entrypoint.sh
index d560b78d388..2f383355907 100755
--- a/docker/blocks/openldap/entrypoint.sh
+++ b/docker/blocks/openldap/entrypoint.sh
@@ -80,7 +80,15 @@ EOF
 done
 fi
- for file in `ls /etc/ldap/prepopulate/*.ldif`; do
+ for file in `ls /etc/ldap/prepopulate/units/*.ldif`; do
+ slapadd -F /etc/ldap/slapd.d -l "$file"
+ done
+
+ for file in `ls /etc/ldap/prepopulate/groups/*.ldif`; do
+ slapadd -F /etc/ldap/slapd.d -l "$file"
+ done
+
+ for file in `ls /etc/ldap/prepopulate/users/*.ldif`; do
 slapadd -F /etc/ldap/slapd.d -l "$file"
 done
diff --git a/docker/blocks/openldap/prepopulate/admin.ldif b/docker/blocks/openldap/prepopulate/admin.ldif
deleted file mode 100644
index 3f4406d5810..00000000000
--- a/docker/blocks/openldap/prepopulate/admin.ldif
+++ /dev/null
@@ -1,10 +0,0 @@
-dn: cn=ldapadmin,dc=grafana,dc=org
-mail: ldapadmin@grafana.com
-userPassword: grafana
-objectClass: person
-objectClass: top
-objectClass: inetOrgPerson
-objectClass: organizationalPerson
-sn: ldapadmin
-cn: ldapadmin
-memberOf: cn=admins,dc=grafana,dc=org
diff --git a/docker/blocks/openldap/prepopulate/adminsgroup.ldif b/docker/blocks/openldap/prepopulate/adminsgroup.ldif
deleted file mode 100644
index d8dece4e458..00000000000
--- a/docker/blocks/openldap/prepopulate/adminsgroup.ldif
+++ /dev/null
@@ -1,5 +0,0 @@
-dn: cn=admins,dc=grafana,dc=org
-cn: admins
-member: cn=ldapadmin,dc=grafana,dc=org
-objectClass: groupOfNames
-objectClass: top
diff --git a/docker/blocks/openldap/prepopulate/editor.ldif b/docker/blocks/openldap/prepopulate/editor.ldif
deleted file mode 100644
index eba3adc4352..00000000000
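Review bot: In docker/blocks/openldap/entrypoint.sh the three added loops discard slapadd's exit status, so an LDIF entry that slapadd rejects leaves the dev directory partially seeded with no signal, and LDAP login or group-mapping tests then run against missing users or groups. Consider failing fast, e.g. `slapadd -F /etc/ldap/slapd.d -l "$file" || exit 1`, if the rest of the script allows it. The loops also word-split the output of `ls` and differ only in the subdirectory; `for dir in units groups users; do` wrapping `for file in /etc/ldap/prepopulate/$dir/*.ldif; do` would keep the load order explicit in one place. The enclosing block starts and ends outside the hunk.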
--- a/docker/blocks/openldap/prepopulate/editor.ldif
+++ /dev/null
@@ -1,10 +0,0 @@
-dn: cn=ldapeditor,dc=grafana,dc=org
-mail: ldapeditor@grafana.com
-userPassword: grafana
-objectClass: person
-objectClass: top
-objectClass: inetOrgPerson
-objectClass: organizationalPerson
-sn: ldapeditor
-cn: ldapeditor
-memberOf: cn=users,dc=grafana,dc=org
diff --git a/docker/blocks/openldap/prepopulate/groups/admins.ldif b/docker/blocks/openldap/prepopulate/groups/admins.ldif
new file mode 100644
index 00000000000..50d3a0ea4a8
--- /dev/null
+++ b/docker/blocks/openldap/prepopulate/groups/admins.ldif
@@ -0,0 +1,5 @@
+dn: cn=admins,ou=groups,dc=grafana,dc=org
+cn: admins
+objectClass: groupOfNames
+objectClass: top
+member: cn=ldap-admin,ou=users,dc=grafana,dc=org
diff --git a/docker/blocks/openldap/prepopulate/groups/backend.ldif b/docker/blocks/openldap/prepopulate/groups/backend.ldif
new file mode 100644
index 00000000000..09a661adea0
--- /dev/null
+++ b/docker/blocks/openldap/prepopulate/groups/backend.ldif
@@ -0,0 +1,5 @@
+dn: cn=backend,ou=groups,dc=grafana,dc=org
+cn: backend
+objectClass: groupOfNames
+objectClass: top
+member: cn=ldap-editor,dc=grafana,dc=org
diff --git a/docker/blocks/openldap/prepopulate/groups/editor.ldif b/docker/blocks/openldap/prepopulate/groups/editor.ldif
new file mode 100644
index 00000000000..331ecc94141
--- /dev/null
+++ b/docker/blocks/openldap/prepopulate/groups/editor.ldif
@@ -0,0 +1,5 @@
+dn: cn=editors,ou=groups,dc=grafana,dc=org
+cn: editors
+objectClass: groupOfNames
+objectClass: top
+member: cn=ldap-editor,ou=users,dc=grafana,dc=org
diff --git a/docker/blocks/openldap/prepopulate/groups/frontend.ldif b/docker/blocks/openldap/prepopulate/groups/frontend.ldif
new file mode 100644
index 00000000000..c410b96c7ad
--- /dev/null
+++ b/docker/blocks/openldap/prepopulate/groups/frontend.ldif
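Review bot: groups/backend.ldif lists `member: cn=ldap-editor,dc=grafana,dc=org`, which lacks the `ou=users` component every other new group uses, so the member DN matches no entry this commit creates; it presumably should read `member: cn=ldap-editor,ou=users,dc=grafana,dc=org`. No user file in this commit carries a `memberOf` for `cn=backend,ou=groups,dc=grafana,dc=org` either, and users/ldap-admin.ldif claims `memberOf: cn=editors,ou=groups,dc=grafana,dc=org` while groups/editor.ldif lists only ldap-editor as `member`. slapadd is an offline load and probably does not reject such mismatches (worth verifying), so a group-to-role mapping resolved through `member` and one resolved through `memberOf` can give the same account different roles. The fixtures should agree in both directions so authorization tests exercise the mapping they appear to.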
@@ -0,0 +1,5 @@
+dn: cn=frontend,ou=groups,dc=grafana,dc=org
+cn: frontend
+objectClass: groupOfNames
+objectClass: top
+member: cn=ldap-frontend-1,ou=users,dc=grafana,dc=org
diff --git a/docker/blocks/openldap/prepopulate/units/groups.ldif b/docker/blocks/openldap/prepopulate/units/groups.ldif
new file mode 100644
index 00000000000..64e21ad744f
--- /dev/null
+++ b/docker/blocks/openldap/prepopulate/units/groups.ldif
@@ -0,0 +1,3 @@
+dn: ou=groups,dc=grafana,dc=org
+objectclass: top
+objectclass: organizationalUnit
diff --git a/docker/blocks/openldap/prepopulate/units/users.ldif b/docker/blocks/openldap/prepopulate/units/users.ldif
new file mode 100644
index 00000000000..76fc50dd299
--- /dev/null
+++ b/docker/blocks/openldap/prepopulate/units/users.ldif
@@ -0,0 +1,3 @@
+dn: ou=users,dc=grafana,dc=org
+objectclass: top
+objectclass: organizationalUnit
diff --git a/docker/blocks/openldap/prepopulate/users/ldap-admin.ldif b/docker/blocks/openldap/prepopulate/users/ldap-admin.ldif
new file mode 100644
index 00000000000..1704a15c3db
--- /dev/null
+++ b/docker/blocks/openldap/prepopulate/users/ldap-admin.ldif
@@ -0,0 +1,11 @@
+dn: cn=ldap-admin,ou=users,dc=grafana,dc=org
+mail: ldap-admin@grafana.com
+userPassword: grafana
+objectClass: person
+objectClass: top
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+sn: ldap-admin
+cn: ldap-admin
+memberOf: cn=admins,ou=groups,dc=grafana,dc=org
+memberOf: cn=editors,ou=groups,dc=grafana,dc=org
diff --git a/docker/blocks/openldap/prepopulate/users/ldap-editor.ldif b/docker/blocks/openldap/prepopulate/users/ldap-editor.ldif
new file mode 100644
index 00000000000..d0de99f8c16
--- /dev/null
+++ b/docker/blocks/openldap/prepopulate/users/ldap-editor.ldif
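Review bot: users/ldap-admin.ldif seeds an account in the admins group with the fixed cleartext `userPassword: grafana`, and nothing in the file marks it as a development fixture; users/ldap-editor.ldif, users/ldap-frontend-1.ldif and users/ldap-viewer.ldif use the same value. LDIF accepts `#` comment lines, so a leading line such as `# Dev-only fixture for the docker openldap block: well-known password, never load into a shared or reachable directory.` would document the intent. It is also worth confirming that the block's compose file does not publish the LDAP port beyond localhost; that file is not part of this diff.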
@@ -0,0 +1,10 @@
+dn: cn=ldap-editor,ou=users,dc=grafana,dc=org
+mail: ldap-editor@grafana.com
+userPassword: grafana
+objectClass: person
+objectClass: top
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+sn: ldap-editor
+cn: ldap-editor
+memberOf: cn=editors,ou=groups,dc=grafana,dc=org
diff --git a/docker/blocks/openldap/prepopulate/users/ldap-frontend-1.ldif b/docker/blocks/openldap/prepopulate/users/ldap-frontend-1.ldif
new file mode 100644
index 00000000000..f5ebe0b41c4
--- /dev/null
+++ b/docker/blocks/openldap/prepopulate/users/ldap-frontend-1.ldif
@@ -0,0 +1,10 @@
+dn: cn=ldap-frontend-1,ou=users,dc=grafana,dc=org
+mail: ldap-frontend-1@grafana.com
+userPassword: grafana
+objectClass: person
+objectClass: top
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+sn: ldap-frontend-1
+cn: ldap-frontend-1
+memberOf: cn=frontend,ou=groups,dc=grafana,dc=org
diff --git a/docker/blocks/openldap/prepopulate/viewer.ldif b/docker/blocks/openldap/prepopulate/users/ldap-viewer.ldif
similarity index 52%
rename from docker/blocks/openldap/prepopulate/viewer.ldif
rename to docker/blocks/openldap/prepopulate/users/ldap-viewer.ldif
index f699a7df57b..07066355a13 100644
--- a/docker/blocks/openldap/prepopulate/viewer.ldif
+++ b/docker/blocks/openldap/prepopulate/users/ldap-viewer.ldif
@@ -1,9 +1,9 @@
-dn: cn=ldapviewer,dc=grafana,dc=org
-mail: ldapviewer@grafana.com
+dn: cn=ldap-viewer,ou=users,dc=grafana,dc=org
+mail: ldap-viewer@grafana.com
 userPassword: grafana
 objectClass: person
 objectClass: top
 objectClass: inetOrgPerson
 objectClass: organizationalPerson
-sn: ldapviewer
-cn: ldapviewer
+sn: ldap-viewer
+cn: ldap-viewer
diff --git a/docker/blocks/openldap/prepopulate/usersgroup.ldif b/docker/blocks/openldap/prepopulate/usersgroup.ldif
deleted file mode 100644
index a1de3a50d38..00000000000
--- a/docker/blocks/openldap/prepopulate/usersgroup.ldif
+++ /dev/null
@@ -1,5 +0,0 @@
-dn: cn=users,dc=grafana,dc=org
-cn: users
-member: cn=ldapeditor,dc=grafana,dc=org
-objectClass: groupOfNames
-objectClass: top