*** core/authentication_api.php.orig	2010-04-23 18:28:34.000000000 +0000
--- core/authentication_api.php	2010-05-10 10:34:41.000000000 +0000
***************
*** 184,191 ****
  	if ( false === $t_user_id ) {
  		if ( BASIC_AUTH == $t_login_method ) {
  			$t_auto_create = true;
! 		} else if ( LDAP == $t_login_method && ldap_authenticate_by_username( $p_username, $p_password ) ) {
! 			$t_auto_create = true;
  		} else {
  			$t_auto_create = false;
  		}
--- 184,206 ----
  	if ( false === $t_user_id ) {
  		if ( BASIC_AUTH == $t_login_method ) {
  			$t_auto_create = true;
! 		} else if ( LDAP == $t_login_method ) {
! 			if (ldap_authenticate( -1, $p_password, $p_username )) {
! 				$t_email = ldap_email_from_username($p_username);
! 				if (user_create( $p_username, $p_password, $t_email ) ) {
! 					$t_user_id = user_get_id_by_name( $p_username );
! 					if ( false === $t_user_id ) {
! 						# @@@ trigger an error here?
! 						return false;
! 					}
! 					
! 				} else {
! 					# @@@ trigger an error here?
! 					return false;
! 				}
! 			} else {
! 				return false;
! 			}
  		} else {
  			$t_auto_create = false;
  		}
*** core/ldap_api.php.orig	2011-07-22 11:54:07.000000000 +0000
--- core/ldap_api.php	2011-04-05 18:24:17.000000000 +0000
***************
*** 323,329 ****
   * @param string $p_password
   * @return bool
   */
! function ldap_authenticate( $p_user_id, $p_password ) {
  	# if password is empty and ldap allows anonymous login, then
  	# the user will be able to login, hence, we need to check
  	# for this special case.
--- 323,329 ----
   * @param string $p_password
   * @return bool
   */
! function ldap_authenticate( $p_user_id, $p_password, $p_username='' ) {
  	# if password is empty and ldap allows anonymous login, then
  	# the user will be able to login, hence, we need to check
  	# for this special case.
***************
*** 331,337 ****
  		return false;
  	}
  
! 	$t_username = user_get_field( $p_user_id, 'username' );
  
  	return ldap_authenticate_by_username( $t_username, $p_password );
  }
--- 331,342 ----
  		return false;
  	}
  
! 	if ($p_user_id == -1) {
! 		$t_username		= $p_username;
! 	} else {
! 		$t_username      	= user_get_field( $p_user_id, 'username' );
! 	}
! 
  
  	return ldap_authenticate_by_username( $t_username, $p_password );
  }