diff --git a/radicale/acl/authLdap.py b/radicale/acl/authLdap.py
new file mode 100644
index 0000000..d7c08e6
--- /dev/null
+++ b/radicale/acl/authLdap.py
@@ -0,0 +1,24 @@
+# -*- coding: utf-8 -*-
+
+import sys, ldap
+
+from radicale import config
+
+def has_right(owner, user, password):
+	if user == None:
+		user=""
+	if password == None:
+		password=""
+	if owner != user:
+		return False
+	try:
+		l=ldap.open(LDAPSERVER, 389)
+		cn="%s%s,%s" % (LDAPPREPEND, user, LDAPAPPEND)
+		l.simple_bind_s(cn, password);
+		return True
+	except:
+		return False
+
+LDAPSERVER = config.get("authLdap", "LDAPServer")
+LDAPPREPEND = config.get("authLdap", "LDAPPrepend")
+LDAPAPPEND = config.get("authLdap", "LDAPAppend")