diff --git a/app/login.py b/app/login.py
index 658e4e95..111cfcfa 100644
--- a/app/login.py
+++ b/app/login.py
@@ -69,13 +69,25 @@ def check_in_ldap(user, password):
 server = sql.get_setting('ldap_server')
 port = sql.get_setting('ldap_port')
 ldap_class_search = sql.get_setting('ldap_class_search')
+ root_user = sql.get_setting('ldap_user')
+ root_password = sql.get_setting('ldap_password')
+ ldap_base = sql.get_setting('ldap_base')
+ domain = sql.get_setting('ldap_domain')
+ ldap_search_field = sql.get_setting('ldap_search_field')
+ ldap_user_attribute = sql.get_setting('ldap_user_attribute')
- l = ldap.initialize("ldap://"+server+':'+port)
+ l = ldap.initialize(server+':'+port)
 try:
 l.protocol_version = ldap.VERSION3
 l.set_option(ldap.OPT_REFERRALS, 0)
- bind = l.simple_bind_s(ldap_class_search+'='+user, password)
+ bind = l.simple_bind_s(root_user, root_password)
+
+ criteria = "(&(objectClass="+ldap_class_search+")("+ldap_user_attribute+"="+user+"))"
+ attributes = [ldap_search_field]
+ result = l.search_s(ldap_base, ldap.SCOPE_SUBTREE, criteria, attributes)
+
+ bind = l.simple_bind_s(result[0][0], password)
 except ldap.INVALID_CREDENTIALS:
 print("Content-type: text/html\n")
 print('
Invalid credentials


')
diff --git a/app/options.py b/app/options.py
index 60e583a9..cc934b04 100644
--- a/app/options.py
+++ b/app/options.py
@@ -893,7 +893,7 @@ if form.getvalue('get_ldap_email'):
 ldap_class_search = sql.get_setting('ldap_class_search')
 ldap_user_attribute = sql.get_setting('ldap_user_attribute')
- l = ldap.initialize("ldap://"+server+':'+port)
+ l = ldap.initialize(server+':'+port)
 try:
 l.protocol_version = ldap.VERSION3
 l.set_option(ldap.OPT_REFERRALS, 0)
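Review bot: In app/login.py's check_in_ldap, the submitted `user` is concatenated into the search filter `criteria` without escaping, so filter metacharacters in the login name change the query that runs under the service-account bind. Escape the value before building the filter, e.g. `criteria = "(&(objectClass="+ldap_class_search+")("+ldap_user_attribute+"="+ldap.filter.escape_filter_chars(user)+"))"`, which needs `import ldap.filter`. `result[0][0]` is also used unguarded: an empty result raises IndexError, which the visible `except ldap.INVALID_CREDENTIALS` does not catch, and several matches silently bind as the first entry, so require exactly one entry with a non-empty DN before the second bind. An empty `password` should be rejected before that bind as well, because many directory servers treat a simple bind with a DN and an empty password as a successful unauthenticated bind; this may already be checked by a caller outside the hunk. The function body continues past the end of the hunk.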
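Review bot: In app/options.py, and on the identical line in app/login.py, the URI scheme passed to `ldap.initialize(server+':'+port)` now comes entirely from the `ldap_server` setting, and nothing visible in either hunk checks that it is present or that the transport is encrypted. After this commit login.py sends both the service-account password and the user's password over that connection with simple binds, so a setting of `ldap://` without StartTLS would expose both in cleartext. Consider validating that the setting starts with `ldaps://`, or calling `l.start_tls_s()` before the first bind when it is `ldap://`. An existing configuration that still holds a bare hostname will presumably fail in `ldap.initialize`, so a clear error message or a settings migration is worth adding. The enclosing `if form.getvalue('get_ldap_email'):` block starts and ends outside the hunk.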