diff -prauN local/html/Callbacks/LDAP/autohandler/Auth local.new/html/Callbacks/LDAP/autohandler/Auth --- local/html/Callbacks/LDAP/autohandler/Auth 2006-08-16 14:37:51.000000000 -0300 +++ local.new/html/Callbacks/LDAP/autohandler/Auth 2006-08-16 14:41:04.000000000 -0300 @@ -14,7 +14,7 @@ unless ($session{'CurrentUser'}) { my $UserObj = RT::User->new($RT::SystemUser); my ($val, $msg) = $UserObj->SetName($user); - if ($UserObj->IsPassword($pass)) { + if ($UserObj->IsPassword($pass,$user)) { ### If there were a standard param to check for whether or not we ### should autocreate users, we'd check it here. my ($val, $msg) = @@ -57,3 +57,4 @@ $user => undef $pass => undef $menu => undef + diff -prauN local/lib/RT/User_Local.pm local.new/lib/RT/User_Local.pm --- local/lib/RT/User_Local.pm 2006-08-16 14:37:51.000000000 -0300 +++ local.new/lib/RT/User_Local.pm 2006-08-16 14:39:07.000000000 -0300 @@ -142,6 +142,7 @@ sub LdapConfigAuthAndInfoAreSame { sub IsLDAPPassword { my $self = shift; my $value = shift; + my $user = shift; # Don't ask for external authentication unless enabled in RT_SiteConfig unless ($RT::LdapExternalAuth) { @@ -163,8 +164,16 @@ sub IsLDAPPassword { my $ldap = $self->_GetBoundLdapObj('Auth', version=>3); return unless ($ldap); - my $filter_string = '(&(' . $RT::LdapAttrMap->{'Name'} . '=' . + $RT::Logger->debug("[IsLDAPPassword] user=$user"); + my $filter_string = ''; + if ( ( !defined($user) ) or ( $user eq '' ) ) { + $filter_string = '(&(' . $RT::LdapAttrMap->{'Name'} . '=' . $self->Name . ')' . $ldap_filter . ')'; + } else { + $filter_string = '(&(' . $RT::LdapAttrMap->{'Name'} . '=' . + $user . ')' . $ldap_filter . ')'; + } + my $filter = Net::LDAP::Filter->new($filter_string); my $ldap_msg = $ldap->search(base => $ldap_base, @@ -227,6 +236,7 @@ sub IsLDAPPassword { sub IsInternalPassword { my $self = shift; my $value = shift; + my $user = shift; unless ($self->HasPassword) { $RT::Logger->info((caller(0))[3], 
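Review bot: In IsLDAPPassword the new else branch concatenates `$user` directly into the search filter, and the autohandler/Auth hunk shows that this value is the login-form parameter, so characters such as `*`, `(`, `)` and `\` are parsed as filter syntax instead of as part of the name. Escape the value and collapse the two branches: `my $name = ( defined $user && $user ne '' ) ? $user : $self->Name;` followed by `my $filter_string = '(&(' . $RT::LdapAttrMap->{'Name'} . '=' . escape_filter_value($name) . ')' . $ldap_filter . ')';`, with `use Net::LDAP::Util qw(escape_filter_value);` at the top of the file. The existing `$self->Name` branch has the same gap and is covered by the same change. The added debug line runs before the defined check, so it warns on an undefined `$user` and writes the raw request value to the log; move it below the check and log `$name` instead. The search and bind that use this filter are outside the hunk.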
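Review bot: The `my $user = shift;` added to IsInternalPassword is not used by any line visible in this hunk, and the rest of the body is outside it. If the remainder ignores it as well, the internal path checks the stored password of `$self` while the LDAP path checks the entry named by `$user`, so the two methods disagree about whose password is being verified. Either drop the unused variable or state the intent next to it, for example `# $user is accepted only for call-signature parity with IsLDAPPassword; this method always checks $self's own password`.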
@@ -262,6 +272,7 @@ sub IsInternalPassword { sub IsPassword { my $self = shift; my $value = shift; + my $user = shift; #TODO there isn't any apparent way to legitimately ACL this @@ -285,7 +296,7 @@ sub IsPassword { # Eval this since they might specify an auth method without # an "IsPassword" method implemented eval { - $success = $self->$method($value); + $success = $self->$method($value,$user); }; $RT::Logger->debug((caller(0))[3], "auth method $method", @@ -627,3 +638,4 @@ sub UpdateFromLdap { } 1; +
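Review bot: IsPassword now forwards a caller-chosen `$user` to every auth method, so the name whose password is verified is no longer tied to the object the method is called on. Through the LDAP path, a call on a loaded RT::User can return true for a different account's credentials. Limit the override to the case the Auth callback needs, for example `$user = undef if $self->Id;` right after `my $user = shift;`, so that a loaded object is always checked under its own name. The new optional argument should also be documented in the method's header comment, e.g. `# $user (optional): login name to verify when $self has no loaded record`. The rest of IsPassword is outside these hunks, so whether any existing caller already passes a second argument is not visible here.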