diff --git a/rhodecode/lib/auth_ldap.py b/rhodecode/lib/auth_ldap.py
--- a/rhodecode/lib/auth_ldap.py
+++ b/rhodecode/lib/auth_ldap.py
@@ -25,9 +25,10 @@ class PasswordError(Exception):pass
 
 LDAP_USE_LDAPS = False
 ldap_server_type = 'ldap'
-LDAP_SERVER_ADDRESS = '192.168.2.56'
+LDAP_SERVER_ADDRESS = 'myldap.com'
 LDAP_SERVER_PORT = '389'
 
+#USE FOR READ ONLY BIND TO LDAP SERVER
 LDAP_BIND_DN = ''
 LDAP_BIND_PASS = ''
 
@@ -37,6 +38,7 @@ LDAP_SERVER = "%s://%s:%s" % (ldap_serve
                                        LDAP_SERVER_PORT)
 
 BASE_DN = "ou=people,dc=server,dc=com"
+AUTH_DN = "uid=%s,%s"
 
 def authenticate_ldap(username, password):
     """Authenticate a user via LDAP and return his/her LDAP properties.
@@ -52,7 +54,7 @@ def authenticate_ldap(username, password
     from rhodecode.lib.helpers import chop_at
 
     uid = chop_at(username, "@%s" % LDAP_SERVER_ADDRESS)
-    dn = "uid=%s,%s" % (uid, BASE_DN)
+    dn = AUTH_DN % (uid, BASE_DN)
     log.debug("Authenticating %r at %s", dn, LDAP_SERVER)
     if "," in username:
         raise UsernameError("invalid character in username: ,")
@@ -60,6 +62,12 @@ def authenticate_ldap(username, password
         #ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, '/etc/openldap/cacerts')
         server = ldap.initialize(LDAP_SERVER)
         server.protocol = ldap.VERSION3
+        
+        if LDAP_BIND_DN and LDAP_BIND_PASS:
+            server.simple_bind_s(AUTH_DN % (LDAP_BIND_DN,
+                                            LDAP_BIND_PASS),
+                                            password)
+        
         server.simple_bind_s(dn, password)
         properties = server.search_s(dn, ldap.SCOPE_SUBTREE)
         if not properties: