[xwiki-users] Trouble with LDAP/ActiveDirectory authentication

I've set up XWiki 1.6 for my IT department, and configured the LDAP authentication (the new, default XWikiLDAPAuthServiceImpl) to point to our corporate Active Directory server. For all users in the "US-IS" ActievDirectory group, it works fine; however, I have some users that are split off into "US-info_mgmt" that can't log in. I don't have the power to alter the Active Directory group membership or structure, so I'm stuck with it how it is. #-# only members of the following group will be verified in the LDAP #-# otherwise only users that are found after searching starting from the base_DN xwiki.authentication.ldap.user_group=cn=US-IS,cn=Users,dc=XXXX,dc=YYYY After looking through the XWikiLDAPAuthServiceImpl, it looks like this is a single value, not multiple. So, I can't simply list two groups. My next thought was to comment this out because the XWikiLDAPAuthServiceImpl looks like it will ignore the group check if its not set to a value. However, when I did this, no one could log in... sort of. Actually, I was able to log in, but then the custom logo in the skin didn't show up, and the comments area showed another login screen embedded within the page. Any ideas on how I can configure this? Regards, Brian. ----------------------------------------- CONFIDENTIALITY STATEMENT: This e-mail transmission contains information that is intended to be confidential. It is intended only for the addressee named above. If you receive this e-mail in error, please do not read, copy, or disseminate it. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated.