diff --git a/change.go b/change.go
index f0600d7..08dbd39 100644
--- a/change.go
+++ b/change.go
@@ -35,7 +35,7 @@ func changePassword(w http.ResponseWriter, r *http.Request) {
 } else if err := conn.ServiceBind(); err != nil {
 log.Println(err)
 displayTmplError(w, http.StatusInternalServerError, "change.html", map[string]interface{}{"error": err.Error()})
- } else if dn, err := conn.SearchDN(r.PostFormValue("login")); err != nil {
+ } else if dn, err := conn.SearchDN(r.PostFormValue("login"), true); err != nil {
 log.Println(err)
 displayTmplError(w, http.StatusInternalServerError, "change.html", map[string]interface{}{"error": err.Error()})
 } else if err := conn.Bind(dn, r.PostFormValue("password")); err != nil {
diff --git a/ldap.go b/ldap.go
index db3e3cd..5a3e1a6 100644
--- a/ldap.go
+++ b/ldap.go
@@ -65,11 +65,16 @@ func (l LDAPConn) Bind(username string, password string) error {
 return l.connection.Bind(username, password)
 }
-func (l LDAPConn) SearchDN(username string) (string, error) {
+func (l LDAPConn) SearchDN(username string, person bool) (string, error) {
+ objectClass := "organizationalPerson"
+ if !person {
+ objectClass = "simpleSecurityObject"
+ }
+
+
 searchRequest := ldap.NewSearchRequest(
 l.BaseDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
- fmt.Sprintf("(&(objectClass=organizationalPerson)(uid=%s))", username),
+ fmt.Sprintf("(&(objectClass=%s)(uid=%s))", objectClass, username),
 []string{"dn"}, nil,
 )
diff --git a/login.go b/login.go
index e35e2ca..57338bc 100644
--- a/login.go
+++ b/login.go
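Review bot: The rewritten filter line in SearchDN, `fmt.Sprintf("(&(objectClass=%s)(uid=%s))", objectClass, username)`, still interpolates `username` unescaped, and the call sites in change.go, lost.go and reset.go pass `r.PostFormValue("login")` straight into it. Filter metacharacters in the login field can therefore alter the search that runs under the service bind, so the lookup may match entries other than the uid the form was meant to name, which matters most on the password change and reset paths. Escaping at this one point covers every caller, e.g. `fmt.Sprintf("(&(objectClass=%s)(uid=%s))", objectClass, ldap.EscapeFilter(username))`, provided the ldap package version in use exports `EscapeFilter`. Separately, the bare `true`/`false` at the call sites is opaque; a doc comment such as `// SearchDN returns the DN of the entry whose uid is username; person selects organizationalPerson, otherwise simpleSecurityObject.` would help. SearchDN's body continues past the end of the hunk, so how multiple or zero matches are handled is not visible here.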
@@ -14,13 +14,26 @@ func login(login string, password string) ([]*ldap.EntryAttribute, error) {
 conn, err := myLDAP.Connect()
 if err != nil || conn == nil {
 return nil, err
- } else if err := conn.ServiceBind(); err != nil {
+ }
+
+ if err = conn.ServiceBind(); err != nil {
 return nil, err
- } else if dn, err := conn.SearchDN(login); err != nil {
+ }
+
+ var dn string
+ dn, err = conn.SearchDN(login, true)
+ if err != nil {
+ dn, err = conn.SearchDN(login, false)
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ if err := conn.Bind(dn, password); err != nil {
 return nil, err
- } else if err := conn.Bind(dn, password); err != nil {
- return nil, err
- } else if entries, err := conn.GetEntry(dn); err != nil {
+ }
+
+ if entries, err := conn.GetEntry(dn); err != nil {
 return nil, err
 } else {
 return entries, nil
diff --git a/lost.go b/lost.go
index 33abb11..f4ccbe6 100644
--- a/lost.go
+++ b/lost.go
@@ -74,7 +74,7 @@ func lostPassword(w http.ResponseWriter, r *http.Request) {
 }
 // Search the dn of the given user
- dn, err := conn.SearchDN(r.PostFormValue("login"))
+ dn, err := conn.SearchDN(r.PostFormValue("login"), true)
 if err != nil {
 log.Println(err)
 displayTmplError(w, http.StatusInternalServerError, "lost.html", map[string]interface{}{"error": err.Error()})
diff --git a/reset.go b/reset.go
index 0120a39..87dfc76 100644
--- a/reset.go
+++ b/reset.go
@@ -51,7 +51,7 @@ func resetPassword(w http.ResponseWriter, r *http.Request) {
 }
 // Search the dn of the given user
- dn, err := conn.SearchDN(r.PostFormValue("login"))
+ dn, err := conn.SearchDN(r.PostFormValue("login"), true)
 if err != nil {
 log.Println(err)
 base["error"] = err.Error()
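Review bot: The fallback in login retries `conn.SearchDN(login, false)` after any error from the first search, not only when no organizationalPerson matched, so a transport or server failure triggers a second query and the original error is discarded. What SearchDN returns for "no match" is not visible in this diff; if that case can be told apart, fall back only on it and return every other error directly. The change also lets simpleSecurityObject entries authenticate through login while change.go, lost.go and reset.go stay restricted to persons, so a comment above the second search such as `// No organizationalPerson entry for this uid: retry as simpleSecurityObject.` would record that this is intended. Whether the callers of login should give such entries the same session rights as person accounts is outside this diff and worth confirming.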