diff --git a/website/docs/integrations/sources/active-directory/01_user_create.png b/website/docs/integrations/sources/active-directory/01_user_create.png
index 2762693bd..485e6f32b 100644
Binary files a/website/docs/integrations/sources/active-directory/01_user_create.png and b/website/docs/integrations/sources/active-directory/01_user_create.png differ
diff --git a/website/docs/integrations/sources/active-directory/02_delegate.png b/website/docs/integrations/sources/active-directory/02_delegate.png
index 997c4cf14..9060f3a14 100644
Binary files a/website/docs/integrations/sources/active-directory/02_delegate.png and b/website/docs/integrations/sources/active-directory/02_delegate.png differ
diff --git a/website/docs/integrations/sources/active-directory/03_additional_perms.png b/website/docs/integrations/sources/active-directory/03_additional_perms.png
new file mode 100644
index 000000000..49ceb4e0f
Binary files /dev/null and b/website/docs/integrations/sources/active-directory/03_additional_perms.png differ
diff --git a/website/docs/integrations/sources/active-directory/03_ak_status.png b/website/docs/integrations/sources/active-directory/10_ak_status.png
similarity index 100%
rename from website/docs/integrations/sources/active-directory/03_ak_status.png
rename to website/docs/integrations/sources/active-directory/10_ak_status.png
diff --git a/website/docs/integrations/sources/active-directory/04_ak_stage.png b/website/docs/integrations/sources/active-directory/11_ak_stage.png
similarity index 100%
rename from website/docs/integrations/sources/active-directory/04_ak_stage.png
rename to website/docs/integrations/sources/active-directory/11_ak_stage.png
diff --git a/website/docs/integrations/sources/active-directory/index.md b/website/docs/integrations/sources/active-directory/index.md
index 78fd8e3db..7f81220c8 100644
--- a/website/docs/integrations/sources/active-directory/index.md
+++ b/website/docs/integrations/sources/active-directory/index.md
@@ -19,7 +19,7 @@ The following placeholders will be used:
 
 3. Give the User a password, generated using for example `pwgen 64 1`.
 
-4. Open the Delegation of Control Wizard by right-clicking the domain.
+4. Open the Delegation of Control Wizard by right-clicking the domain and selecting "All Tasks".
 
 5. Select the authentik service user you've just created.
 
@@ -27,8 +27,13 @@ The following placeholders will be used:
 
     ![](./02_delegate.png)
 
-## authentik Setup
+7. Grant these additional permissions (only required when *Sync users' password* is enabled, and dependant on your AD Domain)
 
+    ![](./03_additional_perms.png)
+
+Additional infos: https://support.microfocus.com/kb/doc.php?id=7023371
+
+## authentik Setup
 In authentik, create a new LDAP Source in Administration -> Sources.
 
 Use these settings:
@@ -55,8 +60,8 @@ The other settings might need to be adjusted based on the setup of your domain.
 
 After you save the source, a synchronization will start in the background. When its done, you cen see the summary on the System Tasks page.
 
-![](./03_ak_status.png)
+![](./10_ak_status.png)
 
 To finalise the Active Directory setup, you need to enable the backend "authentik LDAP" in the Password Stage.
 
-![](./04_ak_stage.png)
+![](./11_ak_stage.png)