diff --git a/changelog/unreleased/ldap-nobody-fallback.md b/changelog/unreleased/ldap-nobody-fallback.md
new file mode 100644
index 0000000000..0e517294e3
--- /dev/null
+++ b/changelog/unreleased/ldap-nobody-fallback.md
@@ -0,0 +1,5 @@
+Bugfix: Fill in missing gid/uid number with nobody
+
+When an LDAP server does not provide numeric uid or gid properties for a user we now fall back to a configurable `nobody` id (default 99).
+
+https://github.com/cs3org/reva/pull/1848
diff --git a/pkg/auth/manager/ldap/ldap.go b/pkg/auth/manager/ldap/ldap.go
index b7dbfd306c..32e31cf5d7 100644
--- a/pkg/auth/manager/ldap/ldap.go
+++ b/pkg/auth/manager/ldap/ldap.go
@@ -60,6 +60,7 @@ type config struct {
 	Idp string `mapstructure:"idp"`
 	GatewaySvc string `mapstructure:"gatewaysvc"`
 	Schema attributes `mapstructure:"schema"`
+	Nobody int64 `mapstructure:"nobody"`
 }
 
 type attributes struct {
@@ -116,6 +117,9 @@ func New(m map[string]interface{}) (auth.Manager, error) {
 		c.LoginFilter = c.UserFilter
 		c.LoginFilter = strings.ReplaceAll(c.LoginFilter, "%s", "{{login}}")
 	}
+	if c.Nobody == 0 {
+		c.Nobody = 99
+	}
 
 	c.GatewaySvc = sharedconf.GetGatewaySVC(c.GatewaySvc)
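Review bot: The default in New is applied only when `c.Nobody == 0`, so a negative value read from the config passes straight through and would later be handed out as a uid/gid by Authenticate; `if c.Nobody <= 0 { c.Nobody = 99 }`, or an explicit configuration error for negative values, closes that gap. The same sentinel means an operator cannot configure 0 as the fallback, which is the right outcome because 0 is the superuser id on POSIX hosts, but that is worth stating next to the check: `// 0 is treated as unset so the fallback can never be the root uid/gid`. Since 99 is one distribution's convention for the nobody account and others use 65534, the choice deserves a comment on the `Nobody` field of the config struct as well. The user manager's New in this diff carries the same default block and the same remarks apply there.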
@@ -184,13 +188,21 @@ func (am *mgr) Authenticate(ctx context.Context, clientID, clientSecret string)
 	if getGroupsResp.Status.Code != rpc.Code_CODE_OK {
 		return nil, nil, errors.Wrap(err, "ldap: grpc getting user groups failed")
 	}
-	gidNumber, err := strconv.ParseInt(sr.Entries[0].GetEqualFoldAttributeValue(am.c.Schema.GIDNumber), 10, 64)
-	if err != nil {
-		return nil, nil, err
-	}
-	uidNumber, err := strconv.ParseInt(sr.Entries[0].GetEqualFoldAttributeValue(am.c.Schema.UIDNumber), 10, 64)
-	if err != nil {
-		return nil, nil, err
+	gidNumber := am.c.Nobody
+	gidValue := sr.Entries[0].GetEqualFoldAttributeValue(am.c.Schema.GIDNumber)
+	if gidValue != "" {
+		gidNumber, err = strconv.ParseInt(gidValue, 10, 64)
+		if err != nil {
+			return nil, nil, err
+		}
+	}
+	uidNumber := am.c.Nobody
+	uidValue := sr.Entries[0].GetEqualFoldAttributeValue(am.c.Schema.UIDNumber)
+	if uidValue != "" {
+		uidNumber, err = strconv.ParseInt(uidValue, 10, 64)
+		if err != nil {
+			return nil, nil, err
+		}
 	}
 	u := &user.User{
 		Id: userID,
diff --git a/pkg/group/manager/ldap/ldap.go b/pkg/group/manager/ldap/ldap.go
index 5e99d2ef5a..9905a1a74f 100644
--- a/pkg/group/manager/ldap/ldap.go
+++ b/pkg/group/manager/ldap/ldap.go
@@ -61,6 +61,7 @@ type config struct {
 	BindPassword string `mapstructure:"bind_password"`
 	Idp string `mapstructure:"idp"`
 	Schema attributes `mapstructure:"schema"`
+	Nobody int64 `mapstructure:"nobody"`
 }
 
 type attributes struct {
@@ -173,9 +174,13 @@ func (m *manager) GetGroup(ctx context.Context, gid *grouppb.GroupId) (*grouppb.
 	if err != nil {
 		return nil, err
 	}
-	gidNumber, err := strconv.ParseInt(sr.Entries[0].GetEqualFoldAttributeValue(m.c.Schema.GIDNumber), 10, 64)
-	if err != nil {
-		return nil, err
+	gidNumber := m.c.Nobody
+	gidValue := sr.Entries[0].GetEqualFoldAttributeValue(m.c.Schema.GIDNumber)
+	if gidValue != "" {
+		gidNumber, err = strconv.ParseInt(gidValue, 10, 64)
+		if err != nil {
+			return nil, err
+		}
 	}
 	g := &grouppb.Group{
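Review bot: The fallback to `am.c.Nobody` in Authenticate is silent: when `gidValue` or `uidValue` is empty nothing is logged, so a typo in the configured `schema` attribute name and an LDAP entry that genuinely lacks the attribute both map the authenticated user to the shared nobody id without a trace, and every such user then carries the same numeric id for anything downstream that keys ownership or access on uid/gid. A warning logged at the point of fallback, through whatever request logger the package already uses (not visible in the hunk), would make a misconfiguration show up on the first login rather than as a later permission anomaly. Separately, on the unchanged lines at the top of the hunk, `errors.Wrap(err, "ldap: grpc getting user groups failed")` is built when the gRPC status is not OK, where `err` is presumably nil because the preceding call succeeded; `errors.Wrap(nil, msg)` returns nil, so Authenticate would return `nil, nil, nil` to its caller, and `errors.New(...)` or including `getGroupsResp.Status.Message` is what is wanted there. Authenticate's body continues outside the hunk.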
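Review bot: In the group manager, GetGroup now initialises `gidNumber` from `m.c.Nobody`, but no hunk in this diff gives that field a non-zero default the way the auth and user managers' New do with `c.Nobody = 99`; unless the group manager's New (outside this diff) already sets it, a group entry without a gidNumber attribute is returned with gid 0, which is the root group on POSIX systems, rather than the nobody id the changelog describes. The fix is the same three lines in the group manager's New: `if c.Nobody == 0 { c.Nobody = 99 }`. GetGroup's body continues outside the hunk.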
diff --git a/pkg/user/manager/ldap/ldap.go b/pkg/user/manager/ldap/ldap.go
index 18ec424b7f..f830b44179 100644
--- a/pkg/user/manager/ldap/ldap.go
+++ b/pkg/user/manager/ldap/ldap.go
@@ -60,6 +60,7 @@ type config struct {
 	BindPassword string `mapstructure:"bind_password"`
 	Idp string `mapstructure:"idp"`
 	Schema attributes `mapstructure:"schema"`
+	Nobody int64 `mapstructure:"nobody"`
 }
 
 type attributes struct {
@@ -116,6 +117,10 @@ func New(m map[string]interface{}) (user.Manager, error) {
 	}
 	c.GroupFilter = strings.ReplaceAll(c.GroupFilter, "%s", "{{.OpaqueId}}")
 
+	if c.Nobody == 0 {
+		c.Nobody = 99
+	}
+
 	mgr := &manager{
 		c: c,
 	}
@@ -176,13 +181,21 @@ func (m *manager) GetUser(ctx context.Context, uid *userpb.UserId) (*userpb.User
 	if err != nil {
 		return nil, err
 	}
-	gidNumber, err := strconv.ParseInt(sr.Entries[0].GetEqualFoldAttributeValue(m.c.Schema.GIDNumber), 10, 64)
-	if err != nil {
-		return nil, err
+	gidNumber := m.c.Nobody
+	gidValue := sr.Entries[0].GetEqualFoldAttributeValue(m.c.Schema.GIDNumber)
+	if gidValue != "" {
+		gidNumber, err = strconv.ParseInt(gidValue, 10, 64)
+		if err != nil {
+			return nil, err
+		}
 	}
-	uidNumber, err := strconv.ParseInt(sr.Entries[0].GetEqualFoldAttributeValue(m.c.Schema.UIDNumber), 10, 64)
-	if err != nil {
-		return nil, err
+	uidNumber := m.c.Nobody
+	uidValue := sr.Entries[0].GetEqualFoldAttributeValue(m.c.Schema.UIDNumber)
+	if uidValue != "" {
+		uidNumber, err = strconv.ParseInt(uidValue, 10, 64)
+		if err != nil {
+			return nil, err
+		}
 	}
 	u := &userpb.User{
 		Id: id,
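Review bot: The parse-or-fallback block in GetUser is now written out seven times across the three files (here, in GetUserByClaim and FindUsers on the following hunks, in Authenticate and in GetGroup), each one reassigning the outer `err` inside a nested `if`; a small helper, per package or in a shared one, keeps the empty-means-absent rule and the parse error path in one place and makes a later decision to log the fallback or to reject negative ids a single-line change. With it each pair collapses to one call plus the usual error check, as sketched below for GetUser, and the helper's doc comment is the natural place to record that an empty attribute value is treated as "not provided" while a present but non-numeric value is still an error. GetUser starts and ends outside the hunk.
```go
// parseIDOrFallback returns fallback when the LDAP attribute value is empty
// (attribute not provided). A non-empty value must parse as a base-10 int64;
// otherwise the parse error is returned.
func parseIDOrFallback(value string, fallback int64) (int64, error) {
	if value == "" {
		return fallback, nil
	}
	return strconv.ParseInt(value, 10, 64)
}

// … in GetUser, replacing the two parse blocks …
gidNumber, err := parseIDOrFallback(sr.Entries[0].GetEqualFoldAttributeValue(m.c.Schema.GIDNumber), m.c.Nobody)
if err != nil {
	return nil, err
}
uidNumber, err := parseIDOrFallback(sr.Entries[0].GetEqualFoldAttributeValue(m.c.Schema.UIDNumber), m.c.Nobody)
if err != nil {
	return nil, err
}
```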
@@ -255,13 +268,21 @@ func (m *manager) GetUserByClaim(ctx context.Context, claim, value string) (*use
 	if err != nil {
 		return nil, err
 	}
-	gidNumber, err := strconv.ParseInt(sr.Entries[0].GetEqualFoldAttributeValue(m.c.Schema.GIDNumber), 10, 64)
-	if err != nil {
-		return nil, err
+	gidNumber := m.c.Nobody
+	gidValue := sr.Entries[0].GetEqualFoldAttributeValue(m.c.Schema.GIDNumber)
+	if gidValue != "" {
+		gidNumber, err = strconv.ParseInt(gidValue, 10, 64)
+		if err != nil {
+			return nil, err
+		}
 	}
-	uidNumber, err := strconv.ParseInt(sr.Entries[0].GetEqualFoldAttributeValue(m.c.Schema.UIDNumber), 10, 64)
-	if err != nil {
-		return nil, err
+	uidNumber := m.c.Nobody
+	uidValue := sr.Entries[0].GetEqualFoldAttributeValue(m.c.Schema.UIDNumber)
+	if uidValue != "" {
+		uidNumber, err = strconv.ParseInt(uidValue, 10, 64)
+		if err != nil {
+			return nil, err
+		}
 	}
 	u := &userpb.User{
 		Id: id,
@@ -315,13 +336,21 @@ func (m *manager) FindUsers(ctx context.Context, query string) ([]*userpb.User,
 	if err != nil {
 		return nil, err
 	}
-	gidNumber, err := strconv.ParseInt(sr.Entries[0].GetEqualFoldAttributeValue(m.c.Schema.GIDNumber), 10, 64)
-	if err != nil {
-		return nil, err
+	gidNumber := m.c.Nobody
+	gidValue := sr.Entries[0].GetEqualFoldAttributeValue(m.c.Schema.GIDNumber)
+	if gidValue != "" {
+		gidNumber, err = strconv.ParseInt(gidValue, 10, 64)
+		if err != nil {
+			return nil, err
+		}
 	}
-	uidNumber, err := strconv.ParseInt(sr.Entries[0].GetEqualFoldAttributeValue(m.c.Schema.UIDNumber), 10, 64)
-	if err != nil {
-		return nil, err
+	uidNumber := m.c.Nobody
+	uidValue := sr.Entries[0].GetEqualFoldAttributeValue(m.c.Schema.UIDNumber)
+	if uidValue != "" {
+		uidNumber, err = strconv.ParseInt(uidValue, 10, 64)
+		if err != nil {
+			return nil, err
+		}
 	}
 	user := &userpb.User{
 		Id: id,
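Review bot: Both new parse blocks in FindUsers read `sr.Entries[0]`, yet the hunk goes on to build `user := &userpb.User{` for what the function's `[]*userpb.User` return suggests is one entry among several; if these lines sit inside a loop over `sr.Entries` (the loop header is outside the hunk), every returned user receives the gid and uid of the first entry, and the new fallback makes that harder to notice because a missing attribute no longer fails the call. Worth confirming against the loop header and, if so, reading both attributes from the loop's entry variable, e.g. `gidValue := entry.GetEqualFoldAttributeValue(m.c.Schema.GIDNumber)`, with the same change for `uidValue`. The preceding GetUserByClaim hunk repeats the GetUser pattern unchanged and needs no separate comment.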