diff --git a/config.cfg.example b/config.cfg.example
index 97845ba..10bcc9d 100644
--- a/config.cfg.example
+++ b/config.cfg.example
@@ -7,5 +7,17 @@ LDAP_BASE = "ou=people,dc=example,dc=com"
 
 ADMINS = [ "cn=admin,ou=people,dc=example,dc=com" ]
 
+CREATE_DN = "cn={user},ou=people,dc=example,dc=com"
+CREATE_ATTRS = {
+	'objectClass' : ['top', 'inetOrgPerson', 'organizationalPerson', 'person', 'posixAccount'],
+	'cn' : '{user}',
+	'givenName' : '{gn}',
+	'homeDirectory' : '/home/{user}',
+	'loginShell' : '/bin/bash',
+	'sn' : '{sn}',
+	'uid' : '{user}',
+	'uidNumber' : '{uid}'
+}
+
 REDIS_HOST = "127.0.0.1"
 REDIS_PSWD = "foobared"
diff --git a/index.py b/index.py
index f924e67..e853dd8 100755
--- a/index.py
+++ b/index.py
@@ -78,14 +78,27 @@ def create():
 		l = ldap.initialize(app.config.get('LDAP_URI', 'ldaps://127.0.0.1'))
 		try:
 			l.simple_bind_s(rdb.hget(session['uuid'], 'user'), rdb.hget(session['uuid'], 'pswd'))
-			# TODO implement
-			#l.add_s()
+			d = {
+				'user' : form.user.data,
+				'uid' : form.uid.data,
+				'gn' : form.gn.data,
+				'sn' : form.sn.data,
+			}
+			dn = app.config.get('CREATE_DN').format(d)
+			attrs = {}
+			for k,v in app.config.get('CREATE_ATTRS'):
+				if isinstance(v, string):
+					attrs[k] = v.format(d)
+				elif isinstance(v, list):
+					attrs[k] = []
+					for e in v:
+						attrs[k].append(v.format(d))
+			l.add_s(dn, ldap.modlist.addModlist(attrs))
 		except:
 			l.unbind_s()
 		else:
 			# TODO display success message
 			l.unbind_s()
-			pass
 
 	return render_template('create.html', form=form, nav=buildNav())