diff --git a/VERSION b/VERSION
index 3cb80ff7..9d6b7ef1 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-Version 1.99.4 (2011-12-15 18:51:17) stable
+Version 1.99.4 (2011-12-16 09:42:45) stable
diff --git a/gluon/contrib/login_methods/ldap_auth.py b/gluon/contrib/login_methods/ldap_auth.py
index 012fac1b..0b377acb 100644
--- a/gluon/contrib/login_methods/ldap_auth.py
+++ b/gluon/contrib/login_methods/ldap_auth.py
@@ -89,9 +89,6 @@ def ldap_auth(server='ldap', port=None,
                 # In cases where ForestDnsZones and DomainDnsZones are found, 
                 # result will look like the following: 
                 # ['ldap://ForestDnsZones.domain.com/DC=ForestDnsZones,DC=domain,DC=com'] 
-                if not isinstance(result, dict): 
-                    # result should be a dict in the form {'sAMAccountName': [username_bare]} 
-                    return False 
                 if ldap_binddn:
                     # need to search directory with an admin account 1st
                     con.simple_bind_s(ldap_binddn, ldap_bindpw)
@@ -103,6 +100,9 @@ def ldap_auth(server='ldap', port=None,
                 result = con.search_ext_s(
                     ldap_basedn, ldap.SCOPE_SUBTREE,
                     "(&(sAMAccountName=%s)(%s))" % (username_bare, filterstr), ["sAMAccountName"])[0][1]
+                if not isinstance(result, dict): 
+                    # result should be a dict in the form {'sAMAccountName': [username_bare]} 
+                    return False 
                 if ldap_binddn:
                     # We know the user exists & is in the correct OU
                     # so now we just check the password