diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js
index 9855de2216..8ba2d5a179 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js
@@ -525,6 +525,7 @@ module.controller('LDAPCtrl', function($scope, $location, Notifications, Dialog,
     $scope.ldapVendors = [
         { "id": "ad", "name": "Active Directory" },
         { "id": "rhds", "name": "Red Hat Directory Server" },
+        { "id": "tivoli", "name": "Tivoli" },
         { "id": "other", "name": "Other" }
     ];
 
diff --git a/model/api/src/main/java/org/keycloak/models/LDAPConstants.java b/model/api/src/main/java/org/keycloak/models/LDAPConstants.java
index 38b538e5d0..97651fc878 100644
--- a/model/api/src/main/java/org/keycloak/models/LDAPConstants.java
+++ b/model/api/src/main/java/org/keycloak/models/LDAPConstants.java
@@ -9,6 +9,7 @@ public class LDAPConstants {
     public static final String VENDOR_RHDS = "rhds";
     public static final String VENDOR_ACTIVE_DIRECTORY = "ad";
     public static final String VENDOR_OTHER = "other";
+    public static final String VENDOR_TIVOLI = "tivoli";
 
     public static final String USERNAME_LDAP_ATTRIBUTE = "usernameLDAPAttribute";
     public static final String USER_OBJECT_CLASSES = "userObjectClasses";
diff --git a/picketlink/keycloak-picketlink-ldap/src/main/java/org/keycloak/picketlink/ldap/PartitionManagerRegistry.java b/picketlink/keycloak-picketlink-ldap/src/main/java/org/keycloak/picketlink/ldap/PartitionManagerRegistry.java
index a3aaab36e5..a120ee1876 100755
--- a/picketlink/keycloak-picketlink-ldap/src/main/java/org/keycloak/picketlink/ldap/PartitionManagerRegistry.java
+++ b/picketlink/keycloak-picketlink-ldap/src/main/java/org/keycloak/picketlink/ldap/PartitionManagerRegistry.java
@@ -105,6 +105,8 @@ public class PartitionManagerRegistry {
         // RHDS is using "nsuniqueid" as unique identifier instead of "entryUUID"
         if (vendor != null && vendor.equals(LDAPConstants.VENDOR_RHDS)) {
             ldapStoreBuilder.uniqueIdentifierAttributeName("nsuniqueid");
+        } else if (LDAPConstants.VENDOR_TIVOLI.equals(vendor)) {
+            ldapStoreBuilder.uniqueIdentifierAttributeName("uniqueidentifier");
         }
 
         LDAPMappingConfigurationBuilder ldapUserMappingBuilder = ldapStoreBuilder