diff --git a/htdocs/html.form.class.php b/htdocs/html.form.class.php
index 472fdba7f7a..76325819d39 100644
--- a/htdocs/html.form.class.php
+++ b/htdocs/html.form.class.php
@@ -49,6 +49,9 @@ class Form
var $cache_conditions_paiements_libelle=array();
var $tva_taux;
+
+ var $samaccountname;
+
/**
\brief Constructeur
\param DB handler d'accès base de donnée
@@ -2840,7 +2843,7 @@ class Form
$count++;
if ($count > 1000) return -1; // To avoid infinite loop
if (! is_array($result)) return -1;
-
+
foreach($result as $key => $val)
{
if ("$key" == "objectclass") continue;
@@ -2866,8 +2869,6 @@ class Form
else
{
print utf8_decode("$val");
- //print $val;
- //print "
\n";
print '';
}
}
diff --git a/htdocs/lib/ldap.class.php b/htdocs/lib/ldap.class.php
index 1809b4559e9..67ce8555bff 100644
--- a/htdocs/lib/ldap.class.php
+++ b/htdocs/lib/ldap.class.php
@@ -800,10 +800,22 @@ class Ldap
*/
function getObjectSid($ldapUser)
{
- $criteria = $this->getUserIdentifier()."=$ldapUser";
- $justthese = array("objectsid");
-
- $ldapSearchResult = ldap_search($this->connection, $this->people, $criteria, $justthese);
+ $criteria = '('.$this->getUserIdentifier().'='.$ldapUser.')';
+ $justthese = array("objectsid");
+
+ // if the directory is AD, then bind first with the search user first
+ if ($this->serverType == "activedirectory")
+ {
+ $this->bindauth($this->searchUser, $this->searchPassword);
+ }
+
+ $ldapSearchResult = @ldap_search($this->connection, $this->people, $criteria, $justthese);
+
+ if (!$ldapSearchResult)
+ {
+ $this->error = ldap_errno($this->connection)." ".ldap_error($this->connection);
+ return -1;
+ }
$entry = ldap_first_entry($this->connection, $ldapSearchResult);
$ldapBinary = ldap_get_values_len ($this->connection, $entry, "objectsid");
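Review bot: The new filter in getObjectSid() concatenates `$ldapUser` straight into `'('.$this->getUserIdentifier().'='.$ldapUser.')'`, so a login containing `*`, `(`, `)` or `\` changes the meaning of the filter, and the SID read back may belong to a different entry than the intended user. The value should be escaped for filter context before the criteria are built, for example `$criteria = '('.$this->getUserIdentifier().'='.ldap_escape($ldapUser, '', LDAP_ESCAPE_FILTER).')';` where the PHP version in use provides ldap_escape(), or otherwise a small local helper covering the RFC 4515 special characters. The result of `$this->bindauth(...)` is discarded and `ldap_first_entry()` is used unchecked, so a rejected search-user bind or a search that matches no entry is not reported through `$this->error` the way a failed `ldap_search()` now is; adding `if (! $entry) return -1;` after the lookup would cover the empty-result case. The `@` on `ldap_search()` is acceptable only because the error is captured on the next lines, and a short comment saying so would help. The function body continues past the end of the hunk, so the handling of `$ldapBinary` could not be reviewed here.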
diff --git a/htdocs/user/ldap.php b/htdocs/user/ldap.php
index 4ab15454996..e6a3f0aaae0 100644
--- a/htdocs/user/ldap.php
+++ b/htdocs/user/ldap.php
@@ -131,6 +131,19 @@ else
}
print '';
+if ($conf->global->LDAP_SERVER_TYPE == "activedirectory")
+{
+ $ldap = new Ldap();
+ $result = $ldap->connect_bind();
+ if ($result > 0)
+ {
+ $userSID = $ldap->getObjectSid($fuser->login);
+ }
+ print '