diff --git a/bin/check-home-permissions.py b/bin/check-home-permissions.py
index c463763316f0287731cf611b43608fb3f5bb0bbb..2d51a889924a6afc57d86fa4f901fe9ab878a955 100755
--- a/bin/check-home-permissions.py
+++ b/bin/check-home-permissions.py
@@ -22,6 +22,9 @@ bad_home_directory = []
 no_ldap_user = []
 bad_nis_map = []
 no_nis_map = []
+no_blocked = []
+not_closed = []
+not_open = []
 
 
 class Home(object):
@@ -63,13 +66,20 @@ class Home(object):
 
 def search_ldap():
     ldap = dphysldap.Ldap()
-    ldap_users = dphysldap.Users(ldap, ['uid', 'uidNumber', 'gidNumber', 'homeDirectory'])
+    ldap_users = dphysldap.Users(ldap, ['uid', 'uidNumber', 'gidNumber', 'homeDirectory', 'blocked'])
     entries = dphysldap.Entries(ldap, ['cn', 'nisMapEntry'])
     auto_home = 'nisMapName=auto.home,ou=automount,dc=phys,dc=ethz,dc=ch'
 
     ldap_users.search('*')
     for user in ldap_users:
-        users[user['uid'][0]] = user['homeDirectory'][0]
+        user_attrs = {}
+        user_attrs['homeDirectory'] = user['homeDirectory'][0]
+        if user['blocked']:
+            user_attrs['blocked'] = user['blocked'][0]
+        else:
+            no_blocked.append(user['uid'][0])
+            user_attrs['blocked'] = 'no'
+        users[user['uid'][0]] = user_attrs
 
     entries.search('cn: *, nisMapEntry: phd-home*', ['nisObject'], base=auto_home)
     for entry in entries:
@@ -104,8 +114,14 @@ def check_homes(top):
             acl.append(home)
 
         if home.name in users:
-            if users[home.name][6:] != home.name:
-                bad_home_directory.append(': '.join([home.name, users[home.name]]))
+            if users[home.name]['homeDirectory'][6:] != home.name:
+                bad_home_directory.append(': '.join([home.name, users[home.name]['homeDirectory']]))
+            if users[home.name]['blocked'] == 'yes':
+                if home.st.st_mode != stat.S_IFDIR:
+                    not_closed.append(home)
+            else:
+                if home.st.st_mode != stat.S_IFDIR | stat.S_IRUSR | stat.S_IWUSR | stat.S_IXUSR:
+                    not_open.append(home)
             del users[home.name]
         else:
             no_ldap_user.append(home)
@@ -166,6 +182,9 @@ if __name__ == '__main__':
 
     print('home dirs:            ' + str(home_dirs))
     print('strange ldap users:   ' + str(len(users)))
+    print('no blocked attr:      ' + str(len(no_blocked)))
+    print('home not closed:      ' + str(len(not_closed)))
+    print('home not open:        ' + str(len(not_open)))
     print('orphaned nis homes:   ' + str(len(nis_homes)))
     print('orphaned nis shares:  ' + str(len(nis_shares)))
     print('bad homeDirectory:    ' + str(len(bad_home_directory)))
@@ -201,7 +220,28 @@ if __name__ == '__main__':
         print('strange ldap users:')
         print('-------------------')
         for k, v in users.items():
-            print(': '.join([k, v]))
+            print(''.join([k, ': ', 'blocked=', v['blocked'], ' ', 'homeDirectory=', v['homeDirectory']]))
+        print()
+
+    if no_blocked:
+        print('no blocked attr:')
+        print('----------------')
+        for home in no_blocked:
+            print(home)
+        print()
+
+    if not_closed:
+        print('home not closed:')
+        print('----------------')
+        for home in not_closed:
+            print(home)
+        print()
+
+    if not_open:
+        print('home not open:')
+        print('-------------')
+        for home in not_open:
+            print(home)
         print()
 
     if nis_homes: