diff --git a/docker/kolab/Dockerfile b/docker/kolab/Dockerfile
index 898b0525..02e5f2f9 100644
--- a/docker/kolab/Dockerfile
+++ b/docker/kolab/Dockerfile
@@ -1,80 +1,80 @@
 FROM centos:7
 
 LABEL maintainer="contact@kolabsystems.com"
 LABEL dist=centos7
 LABEL tier=${TIER}
 
 ENV container docker
 ENV SYSTEMD_PAGER=''
 ENV DISTRO=centos7
 ENV LANG=en_US.utf8
 ENV LC_ALL=en_US.utf8
 
 RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \
     rm -f /lib/systemd/system/multi-user.target.wants/*; \
     rm -f /etc/systemd/system/*.wants/*; \
     rm -f /lib/systemd/system/local-fs.target.wants/*; \
     rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
     rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
     rm -f /lib/systemd/system/basic.target.wants/*; \
     rm -f /lib/systemd/system/anaconda.target.wants/*;
 
 # To speed things up, disable fastestmirror.
 RUN sed -r -i \
         -e 's/^enabled.*$/enabled = 0/g' \
         /etc/yum/pluginconf.d/fastestmirror.conf
 
 # Avoid using a mirrorlist (use a transparent proxy and cache everything instead).
 RUN sed -r -i \
         -e 's/^mirrorlist/#mirrorlist/g' \
         -e 's/^#baseurl/baseurl/g' \
         /etc/yum.repos.d/*.repo
 
 RUN sed -i -e '/tsflags=nodocs/d' /etc/yum.conf
 
 # Add EPEL.
 RUN yum -y install \
         epel-release && \
     yum clean all
 
 # Add the EPEL key.
 RUN rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
 
 RUN rpm --import https://mirror.kolabenterprise.com/maipo.asc
 
 RUN yum -y install https://mirror.kolabenterprise.com/kolab-16-for-el7.rpm && \
-    yum -y install kolab-16-release-development && \
+    yum -y install kolab-16-release-development patch && \
         yum clean all
 
 RUN yum -y --setopt tsflags= install kolab
 
 COPY kolab-init.service /etc/systemd/system/kolab-init.service
 COPY kolab-setenv.service /etc/systemd/system/kolab-setenv.service
 COPY kolab-vlv.service /etc/systemd/system/kolab-vlv.service
 COPY utils /root/utils
 
 RUN rm -rf /etc/systemd/system/multi-user.target.wants/{avahi-daemon,sshd}.* && \
     ln -s /etc/systemd/system/kolab-init.service \
         /etc/systemd/system/multi-user.target.wants/kolab-init.service && \
     ln -s /etc/systemd/system/kolab-setenv.service \
         /etc/systemd/system/multi-user.target.wants/kolab-setenv.service && \
     ln -s /etc/systemd/system/kolab-vlv.service \
         /etc/systemd/system/multi-user.target.wants/kolab-vlv.service
 
 RUN sed -i -r -e 's/^SELINUX=.*$/SELINUX=permissive/g' /etc/selinux/config 2>/dev/null || :
 
 RUN sed -i -r -e 's/^Listen 80$/Listen 9080/g' /etc/httpd/conf/httpd.conf
 #RUN sed -i -r -e 's/^Listen 443$/Listen 9443/g' /etc/httpd/conf/httpd.conf
 
 COPY kolab-init.sh /usr/local/sbin/
 RUN chmod 750 /usr/local/sbin/kolab-init.sh
 COPY kolab-vlv.sh /usr/local/sbin/
 RUN chmod 750 /usr/local/sbin/kolab-vlv.sh
 
 VOLUME [ "/sys/fs/cgroup" ]
 
 WORKDIR /root/
 
 CMD ["/lib/systemd/systemd"]
 
 EXPOSE 21/tcp 22/tcp 25/tcp 53/tcp 53/udp 80/tcp 110/tcp 389/tcp 443/tcp 995/tcp 5353/udp 8880/tcp 8443/tcp 8447/tcp 10143/tcp 10465/tcp 10587/tcp 11143/tcp 11993/tcp
diff --git a/docker/kolab/kolab-init.sh b/docker/kolab/kolab-init.sh
index 8119adf7..b2bb9403 100755
--- a/docker/kolab/kolab-init.sh
+++ b/docker/kolab/kolab-init.sh
@@ -1,34 +1,35 @@
 #!/bin/bash
 
 if [ -d "/etc/dirsrv/slapd-kolab/" ]; then
     exit 0
 fi
 
 cp -av /bin/true /usr/sbin/ds_systemd_ask_password_acl
 
 pushd /root/utils/
 
 ./01-reverse-etc-hosts.sh && echo "01 done"
 ./02-write-my.cnf.sh && echo "02 done"
 ./03-setup-kolab.sh && echo "03 done"
 ./04-reset-mysql-kolab-password.sh && echo "04 done"
 ./05-replace-localhost.sh && echo "05 done"
 ./06-mysql-for-kolabdev.sh && echo "06 done"
 ./07-adjust-base-dns.sh && echo "07 done"
 ./08-disable-amavisd.sh && echo "08 done"
 ./09-enable-debugging.sh && echo "09 done"
 ./10-change-port-numbers.sh && echo "10 done"
 ./10-reset-kolab-service-password.sh && echo "10 done"
 ./11-reset-cyrus-admin-password.sh && echo "11 done"
 ./12-create-hosted-kolab-service.sh && echo "12 done"
 ./13-create-ou-domains.sh && echo "13 done"
 ./14-create-management-domain.sh && echo "14 done"
 ./15-create-hosted-domain.sh && echo "15 done"
 ./16-remove-cn-kolab-cn-config.sh && echo "16 done"
 ./17-remove-hosted-service-access-from-mgmt-domain.sh && echo "17 done"
 ./18-adjust-kolab-conf.sh && echo "18 done"
 ./19-turn-on-vlv-in-roundcube.sh && echo "19 done"
 ./20-add-alias-attribute-index.sh && echo "20 done"
 ./21-adjust-postfix-config.sh && echo "21 done"
+./23-patch-system.sh && echo "23 done"
 
 touch /tmp/kolab-init.done
diff --git a/docker/kolab/utils/23-patch-system.sh b/docker/kolab/utils/23-patch-system.sh
new file mode 100755
index 00000000..fce29788
--- /dev/null
+++ b/docker/kolab/utils/23-patch-system.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+PATCHPATH=$(pwd)/patches
+
+# Example for applying a pykolab patch
+#pushd /usr/lib/python2.7/site-packages/ || exit
+#patch -p1 < "$PATCHPATH/0001-Resolve-base_dn-in-kolab_user_base_dn-user_base_dn-a.patch"
+#popd || exit
+#systemctl restart kolabd
+#systemctl restart wallace