diff --git a/modules/ldap/config/gallery.ldif b/modules/ldap/config/gallery_sample.ldif
similarity index 100%
rename from modules/ldap/config/gallery.ldif
rename to modules/ldap/config/gallery_sample.ldif
diff --git a/modules/ldap/config/ldap.php b/modules/ldap/config/ldap.php
deleted file mode 100644
index 07eda591..00000000
--- a/modules/ldap/config/ldap.php
+++ /dev/null
@@ -1,28 +0,0 @@
- array("eng", "google", "prebuild", "guest"),
- "everybody_group" => "guest",
- "registered_users_group" => "google",
- "admins" => array("mediratta"),
- "url" => "ldaps://ldap.corp.google.com/",
- "group_domain" => "ou=Posix,ou=Groups,dc=google,dc=com",
- "user_domain" => "ou=People,dc=google,dc=com",
-);
diff --git a/modules/ldap/helpers/ldap_installer.php b/modules/ldap/helpers/ldap_installer.php
index cc227960..c68ac6b6 100644
--- a/modules/ldap/helpers/ldap_installer.php
+++ b/modules/ldap/helpers/ldap_installer.php
@@ -21,19 +21,18 @@ class ldap_installer {
 static function install() {
 module::set_version("ldap", 1);
 $root = item::root();
- foreach (identity::groups() as $group) {
+ $ldap_provider = new IdentityProvider("ldap");
+ foreach ($ldap_provider->groups() as $group) {
 module::event("group_created", $group);
 access::allow($group, "view", $root);
 access::allow($group, "view_full", $root);
 }
- // Let the admin own everything
- $admin = identity::admin_user();
- Database::instance()->query("UPDATE {items} SET owner_id = {$admin->id}");
 }
 static function uninstall() {
 // Delete all groups so that we give other modules an opportunity to clean up
- foreach (identity::groups() as $group) {
+ $ldap_provider = new IdentityProvider("ldap");
+ foreach ($ldap_provider->groups() as $group) {
 module::event("group_deleted", $group);
 }
 }
diff --git a/modules/ldap/libraries/drivers/IdentityProvider/Ldap.php b/modules/ldap/libraries/drivers/IdentityProvider/Ldap.php
index 72f10fb0..c3eb1dd1 100644
--- a/modules/ldap/libraries/drivers/IdentityProvider/Ldap.php
+++ b/modules/ldap/libraries/drivers/IdentityProvider/Ldap.php
@@ -42,9 +42,11 @@ class IdentityProvider_Ldap_Driver implements IdentityProvider_Driver {
 self::$_guest_user = new Ldap_User();
 self::$_guest_user->id = 0;
 self::$_guest_user->name = "Guest";
+ self::$_guest_user->full_name = "Guest";
 self::$_guest_user->guest = true;
 self::$_guest_user->admin = false;
 self::$_guest_user->locale = null;
+ self::$_guest_user->email = null;
 self::$_guest_user->groups = array($this->everybody());
 }
 return self::$_guest_user;
@@ -70,7 +72,7 @@ class IdentityProvider_Ldap_Driver implements IdentityProvider_Driver {
 public function is_correct_password($user, $password) {
 $connection = ldap_connect(self::$_params["url"]);
 ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3);
- $lbind = ldap_bind($connection, $user->dn, $password);
+ $lbind = @ldap_bind($connection, $user->dn, $password);
 ldap_unbind($connection);
 return ($lbind) ? true : false;
@@ -80,10 +82,12 @@ class IdentityProvider_Ldap_Driver implements IdentityProvider_Driver {
 * @see IdentityProvider_Driver::lookup_user.
 */
 public function lookup_user($id) {
+ if ($id == 0) {
+ return $this->guest();
+ }
 $result = ldap_search(self::$_connection, self::$_params["user_domain"], "uidNumber=$id");
 $entries = ldap_get_entries(self::$_connection, $result);
 if ($entries["count"] > 0) {
- $cn_entry = ldap_get_values(self::$_connection, $entry_id, "cn");
 return new Ldap_User($entries[0]);
 }
 return null;
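Review bot: In is_correct_password the bind is attempted with whatever `$password` holds, and many directory servers treat a simple bind with an empty password as an unauthenticated bind that succeeds, so this method can return true for a blank password. Reject that case before connecting, e.g. `if (!is_string($password) || $password === "") { return false; }` as the first statement. The added `@` also makes a failed `ldap_connect()` or a TLS problem indistinguishable from a wrong password; checking the connection result and logging `ldap_error($connection)` on a failed bind would keep outages visible. The function's closing brace is outside the hunk.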
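Review bot: In lookup_user the new `$id == 0` guard is a loose comparison, so on PHP versions before 8 any non-numeric string compares equal to 0 and is answered with the guest user, while every other value is interpolated unescaped into the filter `"uidNumber=$id"`. If `$id` can originate from a request, that lets the caller change the shape of the search filter. Normalising first, `$id = (int)$id;` followed by `if ($id === 0) { return $this->guest(); }`, addresses both; `ldap_escape($id, "", LDAP_ESCAPE_FILTER)` is the alternative where the PHP version provides it. The return value of `ldap_search()` is also handed to `ldap_get_entries()` without a `false` check, and the function's closing brace is outside the hunk.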
@@ -226,32 +230,46 @@ class Ldap_User implements User_Definition {
 public function __get($key) {
 switch($key) {
- case "name":
- return $this->ldap_entry["uid"][0];
+ case "name":
+ return $this->ldap_entry["uid"][0];
- case "guest":
- return false;
+ case "guest":
+ return false;
- case "id":
- return $this->ldap_entry["uidnumber"][0];
+ case "id":
+ return $this->ldap_entry["uidnumber"][0];
- case "groups":
- return IdentityProvider_Ldap_Driver::groups_for($this);
+ case "groups":
+ return IdentityProvider_Ldap_Driver::groups_for($this);
- case "locale": // @todo
- return null;
+ case "locale": // @todo
+ return null;
- case "admin":
- return in_array($this->ldap_entry["uid"][0],
- IdentityProvider_Ldap_Driver::$_params["admins"]);
+ case "admin":
+ return in_array($this->ldap_entry["uid"][0],
+ IdentityProvider_Ldap_Driver::$_params["admins"]);
- case "dn":
- return $this->ldap_entry["dn"];
+ case "email":
+ return $this->ldap_entry["mail"][0];
- default:
- throw new Exception("@todo UNKNOWN_KEY ($key)");
+ case "full_name":
+ return $this->ldap_entry["cn"][0];
+
+ case "dn":
+ return $this->ldap_entry["dn"];
+
+ case "url": // @todo
+ return null;
+
+ default:
+ throw new Exception("@todo UNKNOWN_KEY ($key)");
 }
 }
+
+ public function avatar_url($size=80, $default=null) {
+ return sprintf("http://www.gravatar.com/avatar/%s.jpg?s=%d&r=pg%s",
+ md5($this->email), $size, $default ? "&d=" . urlencode($default) : "");
+ }
 }
 class Ldap_Group implements Group_Definition {
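Review bot: avatar_url hard-codes an `http://` Gravatar URL, so on a gallery served over HTTPS the avatar is mixed content and the e-mail hash is sent in clear text; the hash is also computed from the raw address, whereas Gravatar expects it trimmed and lower-cased. Suggested: the format string `"https://www.gravatar.com/avatar/%s.jpg?s=%d&r=pg%s"` with `md5(strtolower(trim((string)$this->email)))`. Separately, the new `email` and `full_name` cases in `__get` index `$this->ldap_entry["mail"][0]` and `["cn"][0]` directly, so an entry without a `mail` attribute raises an undefined-index notice; an `isset(...) ? ... : null` guard would avoid that. The `admin` case decides privilege with a loose `in_array()`; passing `true` as the third argument makes the uid match exact.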