diff --git a/misc/pam_authentication/ldap.conf b/misc/pam_authentication/ldap.conf
index 117d1074915e3cacd9a97b83b5a2e83e3c50d451..9d2cf4fb8d5600b5e4dbd9fe26f5f1acb6f05f3e 100644
--- a/misc/pam_authentication/ldap.conf
+++ b/misc/pam_authentication/ldap.conf
@@ -1,7 +1,8 @@
 # This file is sourced by the LDAP authentication script
 
-
-# Set the ldap server here.  This is also used to generate a fully qualified
-# user name: <USER>@$LDAP_SERVER
-
+# Set the ldap server here.  
 # LDAP_SERVER="example.com"
+
+# Set the ldap domain here. This is used to generate a fully qualified
+# user name: <USER>@$LDAP_DOMAIN
+# LDAP_DOMAIN="example.com"
diff --git a/misc/pam_authentication/ldap_authentication.sh b/misc/pam_authentication/ldap_authentication.sh
index f887bf99f47c827fd712d2189a5ca89ec2981e6c..1b86b8e1783399e2c43b92981a43789accb21e7d 100755
--- a/misc/pam_authentication/ldap_authentication.sh
+++ b/misc/pam_authentication/ldap_authentication.sh
@@ -35,7 +35,7 @@ exe_dir=$(dirname $0)
 
 # If the second argument is empty or "-", take password from stdin, else use the argument as a file.
 testpw() {
-    username="${1}@${LDAP_SERVER}"
+    username="${1}@${LDAP_DOMAIN}"
     pwfile="$2"
     pwargs=("-w" "$pwfile")
     if [[ $pwfile == "-" ]] ; then