diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index b1e01f4da9..676565a903 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,3 +1,8 @@
+2013-02-19 Ramon Novoa
+
+ * include/auth/ldap.php: Do not bind anonymously to check whether the
+ user exists.
+
 2013-02-19 Miguel de Dios
 * godmode/alerts/configure_alert_command.php,
diff --git a/pandora_console/include/auth/ldap.php b/pandora_console/include/auth/ldap.php
index ea307cd66b..15fd6be8e0 100644
--- a/pandora_console/include/auth/ldap.php
+++ b/pandora_console/include/auth/ldap.php
@@ -364,19 +364,12 @@ function ldap_valid_login ($login, $password) {
 return $ret;
 }
- if (ldap_search_user ($login)) {
- $r = @ldap_bind ($ds, $config["auth"]["ldap_login_attr"]."=".$login.",".$config["auth"]["ldap_base_dn"], $password);
- if (!$r) {
- $ldap_cache["error"] .= 'Invalid login';
- //$ldap_cache["error"] .= ': incorrect password'; // uncomment for debugging
- }
- else {
- $ret = true;
- }
+ $r = @ldap_bind ($ds, $config["auth"]["ldap_login_attr"]."=".$login.",".$config["auth"]["ldap_base_dn"], $password);
+ if (!$r) {
+ $ldap_cache["error"] .= 'Invalid login';
 }
 else {
- $ldap_cache["error"] .= 'Invalid login';
- //$ldap_cache["error"] .= ': no such user';
+ $ret = true;
 }
 @ldap_close ($ds);
 }
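Review bot: With the `ldap_search_user` pre-check removed, the `ldap_bind` call in `ldap_valid_login` is now the only gate before `$ret = true`, and nothing in this hunk rejects an empty `$password`. Many directory servers treat a bind with a DN and an empty password as an unauthenticated bind and report success, so the guard belongs on the bind itself, for example `$r = $password !== '' && @ldap_bind ($ds, $dn, $password);` with `$dn` built as it is today. `$login` is also concatenated into the bind DN unescaped; where the PHP version provides it, `ldap_escape ($login, '', LDAP_ESCAPE_DN)` keeps DN metacharacters in the login from changing which entry is bound. The function starts above the hunk, so an earlier empty-password or input check may already exist; if it does, a short comment next to the bind saying so would help the next reader.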