diff --git a/lib/install.js b/lib/install.js
index e15bc47919100..7f01920caa791 100644
--- a/lib/install.js
+++ b/lib/install.js
@@ -195,6 +195,10 @@ function install (where, args, cb) {
     log.warn('install', 'Usage of the `--dev` option is deprecated. Use `--only=dev` instead.')
   }
 
+  if (npm.config.get('package-lock-only') && !npm.config.get('package-lock')) {
+    return cb(Object.assign(new Error('--package-lock-only conflicts with config setting `package-lock: false`.'), { code: 'ENEEDPACKAGELOCK' }))
+  }
+
   if (where === globalTop && !args.length) {
     args = ['.']
   }
diff --git a/lib/utils/error-message.js b/lib/utils/error-message.js
index 55c54634542fa..f8107935f26da 100644
--- a/lib/utils/error-message.js
+++ b/lib/utils/error-message.js
@@ -351,6 +351,13 @@ function errorMessage (er) {
         ].join('\n')
       ])
       break
+    case 'ENEEDPACKAGELOCK':
+      short.push(['eneedpackagelock', er.message])
+      detail.push([
+        'eneedpackagelock',
+        'Package lock must be enabled in order to use --package-lock-only.'
+      ])
+      break
 
     default:
       short.push(['', er.message || er])
diff --git a/package-lock.json b/package-lock.json
index 58fe37370bda7..d45374349d52a 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -3215,6 +3215,7 @@
           "version": "0.1.4",
           "bundled": true,
           "dev": true,
+          "optional": true,
           "requires": {
             "kind-of": "^3.0.2",
             "longest": "^1.0.1",
@@ -4397,7 +4398,8 @@
         "longest": {
           "version": "1.0.1",
           "bundled": true,
-          "dev": true
+          "dev": true,
+          "optional": true
         },
         "loose-envify": {
           "version": "1.3.1",
diff --git a/test/tap/install-package-lock-only.js b/test/tap/install-package-lock-only.js
index 9d8aa8dbec313..c1ea78f005c1f 100644
--- a/test/tap/install-package-lock-only.js
+++ b/test/tap/install-package-lock-only.js
@@ -28,6 +28,18 @@ var conf = {
   })
 }
 
+const confPkgLockFalse = {
+  cwd: testdir,
+  env: Object.assign({}, process.env, {
+    npm_config_cache: cachedir,
+    npm_config_tmp: tmpdir,
+    npm_config_prefix: globaldir,
+    npm_config_registry: common.registry,
+    npm_config_loglevel: 'warn',
+    npm_config_package_lock: false
+  })
+}
+
 var server
 var fixture = new Tacks(Dir({
   cache: Dir(),
@@ -78,6 +90,19 @@ test('package-lock-only', function (t) {
   })
 })
 
+test('package-lock-only errors when package-lock=false', function (t) {
+  return common.npm(['install', '--package-lock-only', '--json'], confPkgLockFalse).spread((code, stdout, stderr) => {
+    t.isNot(code, 0, 'error')
+    t.comment(stdout.trim())
+    t.comment(stderr.trim())
+    let error = JSON.parse(stdout).error
+    t.equal(error.code, "ENEEDPACKAGELOCK")
+    t.equal(error.summary, "--package-lock-only conflicts with config setting `package-lock: false`.")
+    t.equal(error.detail, "Package lock must be enabled in order to use --package-lock-only.")
+    t.end()
+  })
+})
+
 test('cleanup', function (t) {
   server.close()
   cleanup()