diff -urp ldap_integration/ldapauth.admin.inc ldap_new/ldapauth.admin.inc
--- ldap_integration/ldapauth.admin.inc	2009-05-03 20:26:43.000000000 -0400
+++ ldap_new/ldapauth.admin.inc	2009-08-03 11:09:53.000000000 -0400
@@ -323,13 +323,28 @@ function ldapauth_admin_form(&$form_stat
     '#collapsible' => TRUE,
     '#collapsed' => TRUE
   );
+
+  if ($edit['binddn'] == 'user') {
+    $userbind = TRUE;
+    $binddn = '';
+  } else {
+    $userbind = FALSE;
+    $binddn = $edit['binddn'];
+  }
+    
+  $form['advanced']['userbind'] = array(
+    '#type' => 'checkbox',
+    '#title' => t('Use credentials of user logging in for non-anonymous search'),
+    '#default_value' => $userbind,
+  );
   $form['advanced']['binddn'] =  array(
     '#type' => 'textfield',
     '#title' => t('DN for non-anonymous search'),
-    '#default_value' => $edit['binddn'],
+    '#default_value' => $binddn,
     '#size' => 50,
     '#maxlength' => 255,
   );
+
   if (!$edit['bindpw']) {
     $form['advanced']['bindpw'] = array(
       '#type' => 'password',
@@ -381,6 +396,10 @@ function ldapauth_admin_form_validate($f
 function ldapauth_admin_form_submit($form, &$form_state) {
   $op = $form_state['clicked_button']['#value'];
   $values = $form_state['values'];
+  /* If user credentials will be used to bind, set binddn to 'user' */
+  if ($values['userbind']) {
+    $values['binddn'] = 'user';
+  }
   switch ($op) {
     case t('Save configuration'):
       if (!isset($values['sid'])) {
diff -urp ldap_integration/ldapauth.module ldap_new/ldapauth.module
--- ldap_integration/ldapauth.module	2009-05-03 20:26:43.000000000 -0400
+++ ldap_new/ldapauth.module	2009-08-03 11:09:53.000000000 -0400
@@ -306,7 +306,7 @@ function ldapauth_authenticate($form_val
     }
 
     // Register this new user.
-    if ($ldap_user = _ldapauth_user_lookup($name)) {
+    if ($ldap_user = _ldapauth_user_lookup($name, $pass)) {
       // Generate a random drupal password. LDAP password will be used anyways.
       $pass_new = (LDAPAUTH_LOGIN_PROCESS == LDAPAUTH_AUTH_EXCLUSIVED || !LDAPAUTH_SYNC_PASSWORDS) ? user_password(20) : $pass;
 
@@ -385,7 +385,7 @@ function _ldapauth_auth($name, $pass) {
       return FALSE;
 
     // Look up the user in LDAP.
-    if (!($ldap = _ldapauth_user_lookup($name)) || !isset($ldap['dn']))
+    if (!($ldap = _ldapauth_user_lookup($name, $pass)) || !isset($ldap['dn']))
       continue;
 
     // Filter users based on their LDAP data.
@@ -410,7 +410,7 @@ function _ldapauth_auth($name, $pass) {
  * @return
  *   An array with user's LDAP data or NULL if not found.
  */
-function _ldapauth_user_lookup($name) {
+function _ldapauth_user_lookup($name, $pass) {
   global $_ldapauth_ldap;
 
   if (!$_ldapauth_ldap)
@@ -420,7 +420,14 @@ function _ldapauth_user_lookup($name) {
   $login_name = ($code = _ldapauth_ldap_info($_ldapauth_ldap->getOption('sid'), 'login_php')) ? eval($code) : $name;
 
   // If there is no bindn and bindpw - the connect will be an anonymous connect.
-  $_ldapauth_ldap->connect($_ldapauth_ldap->getOption('binddn'), $_ldapauth_ldap->getOption('bindpw'));
+  // If binddn is set to user, we'll use the user credentials to bind
+  $binddn = $_ldapauth_ldap->getOption('binddn');
+  if ($binddn == 'user') {
+    $_ldapauth_ldap->connect($name, $pass);
+  } else {
+    $_ldapauth_ldap->connect($binddn, $_ldapauth_ldap->getOption('bindpw'));
+  }
+
   foreach (explode("\r\n", $_ldapauth_ldap->getOption('basedn')) as $base_dn) {
     if (empty($base_dn))
       continue;
Only in ldap_new/: ldap_integration
