diff --git a/deps/ldapalchemy b/deps/ldapalchemy
index 6a0b85f2c6a11951d99d4b4e84b1df992580d964..db135ec7a4940a384e82a4500cfb0e73ecd2f557 160000
--- a/deps/ldapalchemy
+++ b/deps/ldapalchemy
@@ -1 +1 @@
-Subproject commit 6a0b85f2c6a11951d99d4b4e84b1df992580d964
+Subproject commit db135ec7a4940a384e82a4500cfb0e73ecd2f557
diff --git a/uffd/mfa/models.py b/uffd/mfa/models.py
index 92d20cfb37bf02f343b72d53a5f5d452a3f4da9b..898798897e9fd50cffabc4ff450b97e2864854d0 100644
--- a/uffd/mfa/models.py
+++ b/uffd/mfa/models.py
@@ -13,6 +13,7 @@ import crypt
 
 from flask import request, current_app
 from sqlalchemy import Column, Integer, Enum, String, DateTime, Text
+from ldapalchemy.dbutils import DBRelationship
 
 from uffd.database import db
 from uffd.user.models import User
@@ -29,6 +30,7 @@ class MFAMethod(db.Model):
 	created = Column(DateTime())
 	name = Column(String(128))
 	dn = Column(String(128))
+	user = DBRelationship('dn', User, backref='mfa_methods')
 
 	__mapper_args__ = {
 		'polymorphic_on': type,
@@ -39,14 +41,6 @@ class MFAMethod(db.Model):
 		self.name = name
 		self.created = datetime.datetime.now()
 
-	@property
-	def user(self):
-		return User.query.get(self.dn)
-
-	@user.setter
-	def user(self, new_user):
-		self.dn = new_user.dn
-
 class RecoveryCodeMethod(MFAMethod):
 	code_salt = Column('recovery_salt', String(64))
 	code_hash = Column('recovery_hash', String(256))
diff --git a/uffd/oauth2/models.py b/uffd/oauth2/models.py
index 2900367c53448ba2f78a0b99760fe3547aafbc3e..162ac321f33fd9a9c68ce60047bf6de7d151c586 100644
--- a/uffd/oauth2/models.py
+++ b/uffd/oauth2/models.py
@@ -1,5 +1,6 @@
 from flask import current_app
 from sqlalchemy import Column, Integer, String, DateTime, Text
+from ldapalchemy.dbutils import DBRelationship
 
 from uffd.database import db
 from uffd.user.models import User
@@ -36,14 +37,7 @@ class OAuth2Grant(db.Model):
 	id = Column(Integer, primary_key=True)
 
 	user_dn = Column(String(128))
-
-	@property
-	def user(self):
-		return User.query.get(self.user_dn)
-
-	@user.setter
-	def user(self, newuser):
-		self.user_dn = newuser.dn
+	user = DBRelationship('user_dn', User, backref='oauth2_grants')
 
 	client_id = Column(String(40))
 
@@ -76,13 +70,7 @@ class OAuth2Token(db.Model):
 	id = Column(Integer, primary_key=True)
 
 	user_dn = Column(String(128))
-	@property
-	def user(self):
-		return User.query.get(self.user_dn)
-
-	@user.setter
-	def user(self, newuser):
-		self.user_dn = newuser.dn
+	user = DBRelationship('user_dn', User, backref='oauth2_tokens')
 
 	client_id = Column(String(40))