diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 1e4c2c67122..4e9a5284429 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -181,6 +181,10 @@ samba-admem-mit:
 samba-ad-dc-4-mitkrb5:
   extends: .shared_template
 
+samba-ad-dc-fips:
+  extends: .shared_template
+  image: $SAMBA_CI_CONTAINER_IMAGE_fedora31
+
 .private_template:
   extends: .shared_template
   tags:
@@ -245,6 +249,7 @@ pages:
     - samba-nt4
     - samba-schemaupgrade
     - samba-ad-dc-1-mitkrb5
+    - samba-ad-dc-fips
   script:
     - ./configure.developer
     - make -j
diff --git a/script/autobuild.py b/script/autobuild.py
index 64f8ad90961..7a9e57e3b24 100755
--- a/script/autobuild.py
+++ b/script/autobuild.py
@@ -456,6 +456,16 @@ tasks = {
         ("check-clean-tree", "script/clean-source-tree.sh"),
         ],
 
+    # Test fips compliance
+    "samba-ad-dc-fips": [
+        ("random-sleep", random_sleep(1, 1)),
+        ("configure", "./configure.developer --with-selftest-prefix=./bin/ab --with-system-mitkrb5 --with-experimental-mit-ad-dc" + samba_configure_params),
+        ("make", "make -j"),
+        ("test", make_test(include_envs=["ad_dc_fips"])),
+        ("lcov", LCOV_CMD),
+        ("check-clean-tree", "script/clean-source-tree.sh"),
+        ],
+
     # run the backup/restore testenvs separately as they're fairly standalone
     # (and CI seems to max out at ~8 different DCs running at once)
     "samba-ad-dc-backup": [
@@ -816,6 +826,7 @@ defaulttasks.remove("pass")
 defaulttasks.remove("fail")
 defaulttasks.remove("samba-test-only")
 defaulttasks.remove("samba-fuzz")
+defaulttasks.remove("samba-ad-dc-fips")
 if os.environ.get("AUTOBUILD_SKIP_SAMBA_O3", "0") == "1":
     defaulttasks.remove("samba-o3")