diff --git a/README.md b/README.md
index 12143b1..1419eee 100644
--- a/README.md
+++ b/README.md
@@ -318,6 +318,7 @@ folder for help with:
 - [GitLab](example_configs/gitlab.md)
 - [Grafana](example_configs/grafana_ldap_config.toml)
 - [Hedgedoc](example_configs/hedgedoc.md)
+- [Home Assistant](example_configs/home-assistant.md)
 - [Jellyfin](example_configs/jellyfin.md)
 - [Jenkins](example_configs/jenkins.md)
 - [Jitsi Meet](example_configs/jitsi_meet.conf)
diff --git a/example_configs/home-assistant.md b/example_configs/home-assistant.md
index 8efe333..728b714 100644
--- a/example_configs/home-assistant.md
+++ b/example_configs/home-assistant.md
@@ -16,9 +16,20 @@ homeassistant:
 - type: homeassistant
 - type: command_line
 command: /config/lldap-ha-auth.sh
- # Only allow users in the 'homeassistant_user' group to login.
- # Change to ["https://lldap.example.com"] to allow all users
- args: ["https://lldap.example.com", "homeassistant_user"]
+ # arguments: [, , , ] # : Find users that has permission to access homeassistant, anyone inside # this group will have the default 'system-users' permission in homeassistant. # # : Allow users in the to be assigned into 'system-admin' group. # Anyone inside this group will not have the 'system-users' permission as only one permission group # is allowed in homeassistant # # : Users in the (e.g., 'homeassistant_local') can only access # homeassistant inside LAN network. # # Only the first argument is required. ["https://lldap.example.com"] allows all users to log in from # anywhere and have 'system-users' permissions. args: ["https://lldap.example.com", "homeassistant_user", "homeassistant_admin", "homeassistant_local"] meta: true ``` 3. Reload your config or restart Home Assistant
diff --git a/example_configs/lldap-ha-auth.sh b/example_configs/lldap-ha-auth.sh
index 06f93b7..86500e1 100644
--- a/example_configs/lldap-ha-auth.sh
+++ b/example_configs/lldap-ha-auth.sh
@@ -66,5 +66,26 @@ fi
 DISPLAY_NAME=$(jq -r .displayName <<< $USER_JSON)
+IS_ADMIN=false
+if [[ ! -z "$3" ]] && jq -e '.groups|map(.displayName)|index("'"$3"'")' <<< "$USER_JSON" > /dev/null 2>&1; then
+ IS_ADMIN=true
+fi
+
+IS_LOCAL=false
+if [[ ! -z "$4" ]] && jq -e '.groups|map(.displayName)|index("'"$4"'")' <<< "$USER_JSON" > /dev/null 2>&1; then
+ IS_LOCAL=true
+fi
+
 [[ ! -z "$DISPLAY_NAME" ]] && echo "name = $DISPLAY_NAME"
+if [[ "$IS_ADMIN" = true ]]; then
+ echo "group = system-admin"
+else
+ echo "group = system-users"
+fi
+
+if [[ "$IS_LOCAL" = true ]]; then
+ echo "local_only = true"
+else
+ echo "local_only = false"
+fi
\ No newline at end of file
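Review bot: The two new `jq -e` membership checks build the filter by splicing `$3` and `$4` into the program text (`index("'"$3"'")`), so a group name containing a double quote or a backslash changes or breaks the jq program instead of being matched literally; these values come from the Home Assistant `args:` config rather than from the user logging in, so this is hardening rather than an open hole, but the safe idiom is to bind them as jq variables: `jq -e --arg g "$3" '.groups|map(.displayName)|index($g)'` and `jq -e --arg g "$4" '.groups|map(.displayName)|index($g)'`. The checks do fail closed as written: any jq error leaves IS_ADMIN/IS_LOCAL at false, and a match at position 0 yields `0`, which is truthy under `-e`, so first-listed groups are not missed. The earlier `$2` group check and the USER_JSON fetch are outside this hunk, so it cannot be seen here whether they use the same string-splicing pattern; if they do, the same `--arg` form applies there. As a style point, `[[ -n "$3" ]]` is the idiomatic spelling of `[[ ! -z "$3" ]]`.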