Index: lams_admin/conf/language/lams/ApplicationResources.properties
===================================================================
diff -u -rc613857b45c1cb2e741462488ad1b0bffd78c62b -r26341aa29d664ac6020d6c3685b7fc2b7d5c3c56
--- lams_admin/conf/language/lams/ApplicationResources.properties (.../ApplicationResources.properties) (revision c613857b45c1cb2e741462488ad1b0bffd78c62b)
+++ lams_admin/conf/language/lams/ApplicationResources.properties (.../ApplicationResources.properties) (revision 26341aa29d664ac6020d6c3685b7fc2b7d5c3c56)
@@ -371,6 +371,8 @@
 label.database.version =Database Version
 config.ldap.search.filter = Search Filter
 config.ldap.base.dn = Base Distinguished Name
+config.ldap.bind.user.dn = Bind User Distinguished Name
+config.ldap.bind.user.password = Bind User Password
 #======= End labels: Exported 361 labels for en AU =====
Index: lams_admin/conf/language/lams/ApplicationResources_en_AU.properties
===================================================================
diff -u -rc613857b45c1cb2e741462488ad1b0bffd78c62b -r26341aa29d664ac6020d6c3685b7fc2b7d5c3c56
--- lams_admin/conf/language/lams/ApplicationResources_en_AU.properties (.../ApplicationResources_en_AU.properties) (revision c613857b45c1cb2e741462488ad1b0bffd78c62b)
+++ lams_admin/conf/language/lams/ApplicationResources_en_AU.properties (.../ApplicationResources_en_AU.properties) (revision 26341aa29d664ac6020d6c3685b7fc2b7d5c3c56)
@@ -371,6 +371,8 @@
 label.database.version =Database Version
 config.ldap.search.filter = Search Filter
 config.ldap.base.dn = Base Distinguished Name
+config.ldap.bind.user.dn = Bind User Distinguished Name
+config.ldap.bind.user.password = Bind User Password
 #======= End labels: Exported 361 labels for en AU =====
Index: lams_admin/conf/language/rams/ApplicationResources.properties
===================================================================
diff -u -rc613857b45c1cb2e741462488ad1b0bffd78c62b -r26341aa29d664ac6020d6c3685b7fc2b7d5c3c56
--- lams_admin/conf/language/rams/ApplicationResources.properties (.../ApplicationResources.properties) (revision c613857b45c1cb2e741462488ad1b0bffd78c62b)
+++ lams_admin/conf/language/rams/ApplicationResources.properties (.../ApplicationResources.properties) (revision 26341aa29d664ac6020d6c3685b7fc2b7d5c3c56)
@@ -389,6 +389,8 @@
 label.database.version = Database Version
 config.ldap.search.filter = Search Filter
 config.ldap.base.dn = Base Distinguished Name
+config.ldap.bind.user.dn = Bind User Distinguished Name
+config.ldap.bind.user.password = Bind User Password
 #======= End labels: Exported 378 labels for en AU =====
Index: lams_admin/conf/language/rams/ApplicationResources_en_AU.properties
===================================================================
diff -u -rc613857b45c1cb2e741462488ad1b0bffd78c62b -r26341aa29d664ac6020d6c3685b7fc2b7d5c3c56
--- lams_admin/conf/language/rams/ApplicationResources_en_AU.properties (.../ApplicationResources_en_AU.properties) (revision c613857b45c1cb2e741462488ad1b0bffd78c62b)
+++ lams_admin/conf/language/rams/ApplicationResources_en_AU.properties (.../ApplicationResources_en_AU.properties) (revision 26341aa29d664ac6020d6c3685b7fc2b7d5c3c56)
@@ -389,6 +389,8 @@
 label.database.version = Database Version
 config.ldap.search.filter = Search Filter
 config.ldap.base.dn = Base Distinguished Name
+config.ldap.bind.user.dn = Bind User Distinguished Name
+config.ldap.bind.user.password = Bind User Password
 #======= End labels: Exported 378 labels for en AU =====
Index: lams_central/src/java/org/lamsfoundation/lams/security/LDAPAuthenticator.java
===================================================================
diff -u -rc613857b45c1cb2e741462488ad1b0bffd78c62b -r26341aa29d664ac6020d6c3685b7fc2b7d5c3c56
--- lams_central/src/java/org/lamsfoundation/lams/security/LDAPAuthenticator.java (.../LDAPAuthenticator.java) (revision c613857b45c1cb2e741462488ad1b0bffd78c62b)
+++ lams_central/src/java/org/lamsfoundation/lams/security/LDAPAuthenticator.java (.../LDAPAuthenticator.java) (revision 26341aa29d664ac6020d6c3685b7fc2b7d5c3c56)
@@ -105,6 +105,12 @@
 env.setProperty(Context.SECURITY_PROTOCOL, securityProtocol);
 }
+ // setup initial bind user credentials if configured
+ if (StringUtils.isNotBlank(Configuration.get(ConfigurationKeys.LDAP_BIND_USER_DN))) {
+ env.setProperty(Context.SECURITY_PRINCIPAL, Configuration.get(ConfigurationKeys.LDAP_BIND_USER_DN));
+ env.setProperty(Context.SECURITY_CREDENTIALS, Configuration.get(ConfigurationKeys.LDAP_BIND_USER_PASSWORD));
+ }
+
 String login = "";
 String dn = "";
 boolean isValid = false;
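Review bot: The guard before the two setProperty calls checks only the bind DN, so a configured DN with an unset password reaches `env.setProperty(Context.SECURITY_CREDENTIALS, null)`, which Properties rejects with a NullPointerException — if Configuration.get can return null for a missing key, that exception rather than a bind failure is what an administrator will see. Read both values once and guard both: `String bindDn = Configuration.get(ConfigurationKeys.LDAP_BIND_USER_DN); String bindPassword = Configuration.get(ConfigurationKeys.LDAP_BIND_USER_PASSWORD); if (StringUtils.isNotBlank(bindDn) && bindPassword != null) { ... }`. The same block is copied verbatim into LdapService in the last hunk of this diff, so the fix belongs in one shared helper that both callers use rather than in two places. The enclosing method of this hunk begins before it and continues after it.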
@@ -141,16 +147,19 @@
 if (StringUtils.equals(login, username)) {
 // now we can try to authenticate
 dn = result.getNameInNamespace();
+ setAttrs(attrs);
 ctx.close();
 break;
 }
 }
 if (StringUtils.isBlank(login)) {
- log.error("===> No LDAP user found with username: " + username);
+ log.error("===> No LDAP user found with username: " + username
+ + ". This could mean that the user doesn't exist or that an initial bind user is required.");
 }
+ // authenticate
 env.setProperty(Context.SECURITY_PRINCIPAL, dn);
- env.put(Context.SECURITY_CREDENTIALS, credential);
+ env.setProperty(Context.SECURITY_CREDENTIALS, credential.toString());
 ctx = new InitialLdapContext(env, null);
 // if no exception, success
@@ -159,18 +168,15 @@
 // start checking whether we need to update user depending on its
 // attributes
- Attributes attrs = ctx.getAttributes(dn);
- setAttrs(attrs);
-
 if (log.isDebugEnabled()) {
- NamingEnumeration enumAttrs = attrs.getAll();
+ NamingEnumeration enumAttrs = this.attrs.getAll();
 while (enumAttrs.hasMoreElements()) {
 log.debug(enumAttrs.next());
 }
 }
 // check user is disabled in ldap
- if (getLdapService().getDisabledBoolean(attrs)) {
+ if (getLdapService().getDisabledBoolean(this.attrs)) {
 log.debug("===> User is disabled in LDAP.");
 User user = getService().getUserByLogin(username);
 if (user != null) {
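Review bot: Replacing `env.put(Context.SECURITY_CREDENTIALS, credential)` with `credential.toString()` changes what is sent to the server whenever credential is not already a String: a char[] (the form JAAS password callbacks supply) stringifies to its array identity, so every login would fail while the code still reads as correct. JNDI accepts a String, char[] or byte[] for SECURITY_CREDENTIALS, so the previous `env.put(Context.SECURITY_CREDENTIALS, credential);` was the safer form and should be kept unless credential is known to be a String. Separately, after the "No LDAP user found" log the method still goes on to bind with dn equal to "", which some servers accept as an anonymous bind rather than rejecting; that branch should leave isValid false and return instead of continuing. The enclosing method begins before this hunk and continues after it.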
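Review bot: `this.attrs` is now populated only inside the matching branch of the search loop, so on the not-found path the debug loop's `this.attrs.getAll()` and `getDisabledBoolean(this.attrs)` operate on null — or, if this authenticator instance is reused across logins, on the previous user's attributes, which the updateLDAPUser/addLDAPUser calls in the next hunk would then write to the wrong account. Reset the field at the start of each authentication (`this.attrs = null;` before the search) and skip this block while it is still null, or keep the attributes in a local passed to the helpers instead of instance state. Whether instances are shared cannot be seen from the hunk; the enclosing method starts and ends outside it.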
@@ -183,8 +189,8 @@
 User user = getService().getUserByLogin(username);
 if (user != null) {
 // update user's attributes and org membership
- getLdapService().updateLDAPUser(user, attrs);
- getLdapService().addLDAPUser(attrs, user.getUserId());
+ getLdapService().updateLDAPUser(user, this.attrs);
+ getLdapService().addLDAPUser(this.attrs, user.getUserId());
 }
 }
Index: lams_common/db/sql/insert_lams_unix_config_data.sql
===================================================================
diff -u -rc613857b45c1cb2e741462488ad1b0bffd78c62b -r26341aa29d664ac6020d6c3685b7fc2b7d5c3c56
--- lams_common/db/sql/insert_lams_unix_config_data.sql (.../insert_lams_unix_config_data.sql) (revision c613857b45c1cb2e741462488ad1b0bffd78c62b)
+++ lams_common/db/sql/insert_lams_unix_config_data.sql (.../insert_lams_unix_config_data.sql) (revision 26341aa29d664ac6020d6c3685b7fc2b7d5c3c56)
@@ -113,9 +113,15 @@
 values ('LDAPSearchFilter','(cn={0})', 'config.ldap.search.filter', 'config.header.ldap', 'STRING', 0);
 insert into lams_configuration (config_key, config_value, description_key, header_name, format, required)
-values ('LDAPBaseDN',',ou=Users,dc=melcoe,dc=mq,dc=edu,dc=au', 'config.ldap.base.dn', 'config.header.ldap', 'STRING', 0);
+values ('LDAPBaseDN','ou=Users,dc=melcoe,dc=mq,dc=edu,dc=au', 'config.ldap.base.dn', 'config.header.ldap', 'STRING', 0);
 insert into lams_configuration (config_key, config_value, description_key, header_name, format, required)
+values ('LDAPBindUserDN','', 'config.ldap.bind.user.dn', 'config.header.ldap', 'STRING', 0);
+
+insert into lams_configuration (config_key, config_value, description_key, header_name, format, required)
+values ('LDAPBindUserPassword','', 'config.ldap.bind.user.password', 'config.header.ldap', 'STRING', 0);
+
+insert into lams_configuration (config_key, config_value, description_key, header_name, format, required)
 values ('LDAPSecurityProtocol','', 'config.ldap.security.protocol', 'config.header.ldap', 'STRING', 0);
 insert into lams_configuration (config_key, config_value, description_key, header_name, format, required)
Index: lams_common/db/sql/insert_lams_windows_config_data.sql
===================================================================
diff -u -rc613857b45c1cb2e741462488ad1b0bffd78c62b -r26341aa29d664ac6020d6c3685b7fc2b7d5c3c56
--- lams_common/db/sql/insert_lams_windows_config_data.sql (.../insert_lams_windows_config_data.sql) (revision c613857b45c1cb2e741462488ad1b0bffd78c62b)
+++ lams_common/db/sql/insert_lams_windows_config_data.sql (.../insert_lams_windows_config_data.sql) (revision 26341aa29d664ac6020d6c3685b7fc2b7d5c3c56)
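Review bot: The leading comma in the LDAPBaseDN seed value is removed only in insert_lams_unix_config_data.sql; the same `',ou=Users,dc=melcoe,dc=mq,dc=edu,dc=au'` value is left untouched as context in the three following files (insert_lams_windows_config_data.sql, insert_rams_unix_config_data.sql, insert_rams_windows_config_data.sql), so fresh installs from those scripts will still start with an invalid base DN. Apply the same one-line change there: `values ('LDAPBaseDN','ou=Users,dc=melcoe,dc=mq,dc=edu,dc=au', 'config.ldap.base.dn', 'config.header.ldap', 'STRING', 0);`. The LDAPBindUserPassword row is seeded with format 'STRING' like every other setting; if the admin configuration screen renders STRING entries as plain inputs, the bind password will be echoed back to administrators in clear text, so it is worth checking whether a masked format is available for it.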
@@ -116,6 +116,12 @@
 values ('LDAPBaseDN',',ou=Users,dc=melcoe,dc=mq,dc=edu,dc=au', 'config.ldap.base.dn', 'config.header.ldap', 'STRING', 0);
 insert into lams_configuration (config_key, config_value, description_key, header_name, format, required)
+values ('LDAPBindUserDN','', 'config.ldap.bind.user.dn', 'config.header.ldap', 'STRING', 0);
+
+insert into lams_configuration (config_key, config_value, description_key, header_name, format, required)
+values ('LDAPBindUserPassword','', 'config.ldap.bind.user.password', 'config.header.ldap', 'STRING', 0);
+
+insert into lams_configuration (config_key, config_value, description_key, header_name, format, required)
 values ('LDAPSecurityProtocol','', 'config.ldap.security.protocol', 'config.header.ldap', 'STRING', 0);
 insert into lams_configuration (config_key, config_value, description_key, header_name, format, required)
Index: lams_common/db/sql/insert_rams_unix_config_data.sql
===================================================================
diff -u -rc613857b45c1cb2e741462488ad1b0bffd78c62b -r26341aa29d664ac6020d6c3685b7fc2b7d5c3c56
--- lams_common/db/sql/insert_rams_unix_config_data.sql (.../insert_rams_unix_config_data.sql) (revision c613857b45c1cb2e741462488ad1b0bffd78c62b)
+++ lams_common/db/sql/insert_rams_unix_config_data.sql (.../insert_rams_unix_config_data.sql) (revision 26341aa29d664ac6020d6c3685b7fc2b7d5c3c56)
@@ -116,6 +116,12 @@
 values ('LDAPBaseDN',',ou=Users,dc=melcoe,dc=mq,dc=edu,dc=au', 'config.ldap.base.dn', 'config.header.ldap', 'STRING', 0);
 insert into lams_configuration (config_key, config_value, description_key, header_name, format, required)
+values ('LDAPBindUserDN','', 'config.ldap.bind.user.dn', 'config.header.ldap', 'STRING', 0);
+
+insert into lams_configuration (config_key, config_value, description_key, header_name, format, required)
+values ('LDAPBindUserPassword','', 'config.ldap.bind.user.password', 'config.header.ldap', 'STRING', 0);
+
+insert into lams_configuration (config_key, config_value, description_key, header_name, format, required)
 values ('LDAPSecurityProtocol','', 'config.ldap.security.protocol', 'config.header.ldap', 'STRING', 0);
 insert into lams_configuration (config_key, config_value, description_key, header_name, format, required)
Index: lams_common/db/sql/insert_rams_windows_config_data.sql
===================================================================
diff -u -rc613857b45c1cb2e741462488ad1b0bffd78c62b -r26341aa29d664ac6020d6c3685b7fc2b7d5c3c56
--- lams_common/db/sql/insert_rams_windows_config_data.sql (.../insert_rams_windows_config_data.sql) (revision c613857b45c1cb2e741462488ad1b0bffd78c62b)
+++ lams_common/db/sql/insert_rams_windows_config_data.sql (.../insert_rams_windows_config_data.sql) (revision 26341aa29d664ac6020d6c3685b7fc2b7d5c3c56)
@@ -116,6 +116,12 @@
 values ('LDAPBaseDN',',ou=Users,dc=melcoe,dc=mq,dc=edu,dc=au', 'config.ldap.base.dn', 'config.header.ldap', 'STRING', 0);
 insert into lams_configuration (config_key, config_value, description_key, header_name, format, required)
+values ('LDAPBindUserDN','', 'config.ldap.bind.user.dn', 'config.header.ldap', 'STRING', 0);
+
+insert into lams_configuration (config_key, config_value, description_key, header_name, format, required)
+values ('LDAPBindUserPassword','', 'config.ldap.bind.user.password', 'config.header.ldap', 'STRING', 0);
+
+insert into lams_configuration (config_key, config_value, description_key, header_name, format, required)
 values ('LDAPSecurityProtocol','', 'config.ldap.security.protocol', 'config.header.ldap', 'STRING', 0);
 insert into lams_configuration (config_key, config_value, description_key, header_name, format, required)
Index: lams_common/src/java/org/lamsfoundation/lams/dbupdates/patch0013_updateFrom21.sql
===================================================================
diff -u -rc613857b45c1cb2e741462488ad1b0bffd78c62b -r26341aa29d664ac6020d6c3685b7fc2b7d5c3c56
--- lams_common/src/java/org/lamsfoundation/lams/dbupdates/patch0013_updateFrom21.sql (.../patch0013_updateFrom21.sql) (revision c613857b45c1cb2e741462488ad1b0bffd78c62b)
+++ lams_common/src/java/org/lamsfoundation/lams/dbupdates/patch0013_updateFrom21.sql (.../patch0013_updateFrom21.sql) (revision 26341aa29d664ac6020d6c3685b7fc2b7d5c3c56)
@@ -74,6 +74,12 @@
 UPDATE lams_configuration SET config_value='LDAPSearchFilter', description_key='config.ldap.search.filter' WHERE config_key='LDAPPrincipalDNPrefix';
 UPDATE lams_configuration SET config_value='LDAPBaseDN', description_key='config.ldap.base.dn' WHERE config_key='LDAPPrincipalDNSuffix';
+-- LDEV-2029 - configurable initial bind user for ldap
+insert into lams_configuration (config_key, config_value, description_key, header_name, format, required)
+values ('LDAPBindUserDN','', 'config.ldap.bind.user.dn', 'config.header.ldap', 'STRING', 0);
+insert into lams_configuration (config_key, config_value, description_key, header_name, format, required)
+values ('LDAPBindUserPassword','', 'config.ldap.bind.user.password', 'config.header.ldap', 'STRING', 0);
+
 ----------------------Put all sql statements above here-------------------------
 -- If there were no errors, commit and restore autocommit to on
Index: lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/LdapService.java
===================================================================
diff -u -rc613857b45c1cb2e741462488ad1b0bffd78c62b -r26341aa29d664ac6020d6c3685b7fc2b7d5c3c56
--- lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/LdapService.java (.../LdapService.java) (revision c613857b45c1cb2e741462488ad1b0bffd78c62b)
+++ lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/LdapService.java (.../LdapService.java) (revision 26341aa29d664ac6020d6c3685b7fc2b7d5c3c56)
@@ -434,6 +434,12 @@
 if (StringUtils.equals("ssl", securityProtocol)) {
 env.setProperty(Context.SECURITY_PROTOCOL, securityProtocol);
 }
+
+ // setup initial bind user credentials if configured
+ if (StringUtils.isNotBlank(Configuration.get(ConfigurationKeys.LDAP_BIND_USER_DN))) {
+ env.setProperty(Context.SECURITY_PRINCIPAL, Configuration.get(ConfigurationKeys.LDAP_BIND_USER_DN));
+ env.setProperty(Context.SECURITY_CREDENTIALS, Configuration.get(ConfigurationKeys.LDAP_BIND_USER_PASSWORD));
+ }
 // get base DN to search on
 String baseDN = Configuration.get(ConfigurationKeys.LDAP_BASE_DN);