diff --git a/modules/ldap/config/gallery.ldif b/modules/ldap/config/gallery.ldif
new file mode 100644
index 00000000..bc52d08a
--- /dev/null
+++ b/modules/ldap/config/gallery.ldif
@@ -0,0 +1,74 @@
+dn: ou=people,dc=gallery,dc=local
+objectClass: organizationalUnit
+ou: people
+
+dn: ou=groups,dc=gallery,dc=local
+objectClass: organizationalUnit
+ou: groups
+
+dn: ou=systems,dc=gallery,dc=local
+objectClass: organizationalUnit
+ou: systems
+
+dn: uid=jdoe,ou=people,dc=gallery,dc=local
+objectClass: inetOrgPerson
+objectClass: posixAccount
+uid: jdoe
+sn: Doe
+givenname: John
+cn: John Doe
+userpassword: {SSHA}76qIsKTflGM6dj0f5c5olnD9ltKKXAFE
+displayName: John Doe
+homeDirectory: /home/jdoe
+uidnumber: 1000
+gidnumber: 10000
+mail: jdoe@gallery.local
+
+dn: uid=hwallbanger,ou=people,dc=gallery,dc=local
+objectClass: inetOrgPerson
+objectClass: posixAccount
+uid: hwallbanger
+sn: Wallbanger
+givenname: Harvey
+cn: Harvey Wallbanger
+userpassword: {SSHA}084H+FFr6s/anIoaIhI+O8OaH2u0MIBL
+displayName: Harvey Wallbanger
+homeDirectory: /home/hwallbanger
+uidnumber: 1001
+gidnumber: 10001
+mail: hwallbanger@gallery.local
+
+dn: uid=rnail,ou=people,dc=gallery,dc=local
+objectClass: inetOrgPerson
+objectClass: posixAccount
+uid: rnail
+sn: Nail
+givenname: Rusty
+cn: Rusty Nail
+userpassword: {SSHA}wXVdpfbP6n9LwoLxrB+NvY2oDN1j/M2z
+displayName: Rusty Nail
+homeDirectory: /home/rnail
+uidnumber: 1002
+gidnumber: 10001
+mail: rnail@gallery.local
+
+dn: cn=admins,ou=groups,dc=gallery,dc=local
+objectclass: posixGroup
+cn: admins
+gidnumber: 10000
+memberuid: jdoe
+
+dn: cn=users,ou=groups,dc=gallery,dc=local
+objectclass: posixGroup
+cn: users
+gidnumber: 10001
+memberuid: jdoe
+memberuid: hwallbanger
+memberuid: rnail
+
+dn: cn=guest,ou=groups,dc=gallery,dc=local
+objectclass: posixGroup
+cn: guest
+gidnumber: 10002
+
+
diff --git a/modules/ldap/config/identity.php b/modules/ldap/config/identity.php
new file mode 100644
index 00000000..7e7d7e30
--- /dev/null
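Review bot: The file ships three ready-made accounts with fixed SSHA password hashes and carries no statement of what it is for, so anyone who imports it into a real directory ends up with accounts whose passwords were chosen by the author of this commit. Add a leading comment (LDIF comments start with `#`) such as `# Sample directory content for local development and testing of the ldap module - do not load into a production directory; change the userpassword values before any shared use`. It would also help to note next to the `cn=admins` entry that `identity.php` in this commit names `jdoe` as the sole admin, since the two files only work together if those values stay in step.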
+++ b/modules/ldap/config/identity.php
@@ -0,0 +1,45 @@
+ "ldap",
+ "allow_updates" => false,
+ "params" => array(
+ "groups" => array("users", "guest"),
+ "everybody_group" => "guest",
+ "registered_users_group" => "users",
+ "admins" => array("jdoe"),
+ "url" => "ldap://127.0.0.1/",
+ "group_domain" => "ou=groups,dc=gallery,dc=local",
+ "user_domain" => "ou=people,dc=gallery,dc=local"
+ )
+);
diff --git a/modules/ldap/config/ldap.php b/modules/ldap/config/ldap.php
new file mode 100644
index 00000000..07eda591
--- /dev/null
+++ b/modules/ldap/config/ldap.php
@@ -0,0 +1,28 @@
+ array("eng", "google", "prebuild", "guest"),
+ "everybody_group" => "guest",
+ "registered_users_group" => "google",
+ "admins" => array("mediratta"),
+ "url" => "ldaps://ldap.corp.google.com/",
+ "group_domain" => "ou=Posix,ou=Groups,dc=google,dc=com",
+ "user_domain" => "ou=People,dc=google,dc=com",
+);
diff --git a/modules/ldap/helpers/ldap_installer.php b/modules/ldap/helpers/ldap_installer.php
new file mode 100644
index 00000000..cc227960
--- /dev/null
+++ b/modules/ldap/helpers/ldap_installer.php
@@ -0,0 +1,40 @@
+query("UPDATE {items} SET owner_id = {$admin->id}");
+ }
+
+ static function uninstall() {
+ // Delete all groups so that we give other modules an opportunity to clean up
+ foreach (identity::groups() as $group) {
+ module::event("group_deleted", $group);
+ }
+ }
+}
\ No newline at end of file
diff --git a/modules/ldap/libraries/drivers/IdentityProvider/Ldap.php b/modules/ldap/libraries/drivers/IdentityProvider/Ldap.php
new file mode 100644
index 00000000..11b59c3a
--- /dev/null
+++ b/modules/ldap/libraries/drivers/IdentityProvider/Ldap.php
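Review bot: The sample `"url" => "ldap://127.0.0.1/"` is plaintext LDAP, and the driver added in this same commit authenticates users by binding with their password against whatever URL is configured here, so a deployment that simply edits the host sends user credentials in the clear. Add a comment above the key, e.g. `// Plaintext ldap:// is only acceptable on the loopback host; use ldaps:// (or add STARTTLS in the driver) for any remote directory`. Only the params array is reviewable in this hunk: as rendered it starts mid-statement at `+ "ldap",`, the file header and the `"driver"` key having been lost, so the enclosing structure is not visible here.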
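Review bot: This second config file points at a specific corporate directory (`"url" => "ldaps://ldap.corp.google.com/"`) and names a single personal uid as the only admin, right next to the generic `identity.php` sample in the same directory; it reads as a leftover of the author's own environment rather than something meant for the module. If it is meant as a second example, it needs a header comment saying so and a placeholder host such as `ldaps://ldap.example.com/`; otherwise it should be removed. It is also not documented which of the two files the driver actually reads - the parameter loading is in the part of the Ldap.php hunk that is not visible as rendered - so whichever file survives should say how it is consumed. The start of this hunk (file header and the `"groups" =>` key before `array("eng", ...)`) is missing from the rendered text.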
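Review bot: `$admin->id` is interpolated unquoted into `UPDATE {items} SET owner_id = {$admin->id}`, and in the Ldap.php hunk of this commit `Ldap_User::__get("id")` returns that value straight from the directory's `uidnumber` attribute, so a non-numeric attribute value would alter the statement instead of failing. Coerce it before building the query: `$admin_id = (int) $admin->id;` then `query("UPDATE {items} SET owner_id = $admin_id");` (the `{items}` prefix marker must stay in the literal). The start of the enclosing install method is not visible in the hunk as rendered, so it is presumably `identity::admin_user()` that populates `$admin` - confirm that the result is checked for null before this line runs.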
@@ -0,0 +1,252 @@
+id = 0;
+ self::$_guest_user->name = "Guest";
+ self::$_guest_user->guest = true;
+ self::$_guest_user->admin = false;
+ self::$_guest_user->locale = null;
+ self::$_guest_user->groups = array($this->everybody());
+ }
+ return self::$_guest_user;
+ }
+
+ /**
+ * @see IdentityProvider_Driver::admin_user.
+ */
+ public function admin_user() {
+ return self::lookup_user_by_name(self::$_params["admins"][0]);
+ }
+
+ /**
+ * @see IdentityProvider_Driver::create_user.
+ */
+ public function create_user($name, $full_name, $password) {
+ throw new Exception("@todo INVALID OPERATION");
+ }
+
+ /**
+ * @see IdentityProvider_Driver::is_correct_password.
+ */
+ public function is_correct_password($user, $password) {
+ $connection = ldap_connect(self::$_params["url"]);
+ ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3);
+ $lbind = ldap_bind($connection, $user->dn, $password);
+ ldap_unbind($connection);
+
+ return ($lbind) ? true : false;
+ }
+
+ /**
+ * @see IdentityProvider_Driver::lookup_user.
+ */
+ public function lookup_user($id) {
+ $result = ldap_search(self::$_connection, self::$_params["user_domain"], "uidNumber=$id");
+ $entries = ldap_get_entries(self::$_connection, $result);
+ if ($entries["count"] > 0) {
+ $cn_entry = ldap_get_values(self::$_connection, $entry_id, "cn");
+ return new Ldap_User($entries[0]);
+ }
+ return null;
+ }
+
+ /**
+ * @see IdentityProvider_Driver::lookup_user_by_name.
+ *
+ * Special processing: if the supplied name is admin then look up the first user
+ * specified by the "admins" driver params
+ */
+ public function lookup_user_by_name($name) {
+ $result = ldap_search(self::$_connection, self::$_params["user_domain"], "uid=$name");
+ $entries = ldap_get_entries(self::$_connection, $result);
+ if ($entries["count"] > 0) {
+ return new Ldap_User($entries[0]);
+ }
+ return null;
+ }
+
+ /**
+ * @see IdentityProvider_Driver::create_group.
+ */
+ public function create_group($name) {
+ throw new Exception("@todo INVALID OPERATION");
+ }
+
+ /**
+ * @see IdentityProvider_Driver::everybody.
+ */
+ public function everybody() {
+ return $this->lookup_group_by_name(self::$_params["everybody_group"]);
+ }
+
+ /**
+ * @see IdentityProvider_Driver::registered_users.
+ */
+ public function registered_users() {
+ return $this->lookup_group_by_name(self::$_params["registered_users_group"]);
+ }
+
+ /**
+ * @see IdentityProvider_Driver::lookup_group.
+ */
+ public function lookup_group($id) {
+ $result = @ldap_search(self::$_connection, self::$_params["group_domain"], "gidNumber=$id");
+ $entry_id = ldap_first_entry(self::$_connection, $result);
+
+ if ($entry_id !== false) {
+ $cn_entry = ldap_get_values(self::$_connection, $entry_id, "cn");
+ $gid_number_entry = ldap_get_values(self::$_connection, $entry_id, "gidNumber");
+ return new Ldap_Group($gid_number_entry[0], $cn_entry[0]);
+ }
+ return null;
+ }
+
+ /**
+ * Look up the group by name.
+ * @param string $name the name of the group to locate
+ * @return Group_Definition
+ */
+ public function lookup_group_by_name($name) {
+ $result = @ldap_search(self::$_connection, self::$_params["group_domain"], "cn=$name");
+ $entry_id = ldap_first_entry(self::$_connection, $result);
+
+ if ($entry_id !== false) {
+ $cn_entry = ldap_get_values(self::$_connection, $entry_id, "cn");
+ $gid_number_entry = ldap_get_values(self::$_connection, $entry_id, "gidNumber");
+ return new Ldap_Group($gid_number_entry[0], $cn_entry[0]);
+ }
+ return null;
+ }
+
+ /**
+ * @see IdentityProvider_Driver::get_user_list.
+ */
+ public function get_user_list($ids) {
+ $users = array();
+ foreach ($ids as $id) {
+ $users[] = $this->lookup_user($id);
+ }
+ return $users;
+ }
+
+ /**
+ * @see IdentityProvider_Driver::groups.
+ */
+ public function groups() {
+ $groups = array();
+ foreach (self::$_params["groups"] as $group_name) {
+ $root = item::root();
+ $groups[] = $this->lookup_group_by_name($group_name);
+ }
+ return $groups;
+ }
+
+ static function groups_for($user) {
+ $result = ldap_search(self::$_connection, self::$_params["group_domain"],
+ "(memberUid=$user->name)");
+
+ $associated_groups = self::$_params["groups"];
+ $groups = array();
+ for ($entry_id = ldap_first_entry(self::$_connection, $result);
+ $entry_id != false;
+ $entry_id = ldap_next_entry(self::$_connection, $entry_id)) {
+ $group_id = ldap_get_values(self::$_connection, $entry_id, "gidNumber");
+ $group_name = ldap_get_values(self::$_connection, $entry_id, "cn");
+ if (in_array($group_name[0], $associated_groups)) {
+ $groups[] = new Ldap_Group($group_id[0], $group_name[0]);
+ }
+ }
+ return $groups;
+ }
+} // End Identity Gallery Driver
+
+class Ldap_User implements User_Definition {
+ private $ldap_entry;
+
+ public function __construct($ldap_entry=null) {
+ $this->ldap_entry = $ldap_entry;
+ }
+
+ public function display_name() {
+ return $this->ldap_entry["displayname"][0];
+ }
+
+ public function __get($key) {
+ switch($key) {
+ case "name":
+ return $this->ldap_entry["uid"][0];
+
+ case "guest":
+ return false;
+
+ case "id":
+ return $this->ldap_entry["uidnumber"][0];
+
+ case "groups":
+ return IdentityProvider_Ldap_Driver::groups_for($this);
+
+ case "locale": // @todo
+ return null;
+
+ case "admin":
+ return in_array($this->ldap_entry["uid"][0],
+ IdentityProvider_Ldap_Driver::$_params["admins"]);
+
+ case "dn":
+ return $this->ldap_entry["dn"];
+
+ default:
+ throw new Exception("@todo UNKNOWN_KEY ($key)");
+ }
+ }
+}
+
+class Ldap_Group implements Group_Definition {
+ public $id;
+ public $name;
+
+ public function __construct($id, $name) {
+ $this->id = $id;
+ $this->name = $name;
+ $this->special = false;
+ }
+}
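Review bot: `is_correct_password()` (upper part of the hunk) will report success for an empty password on any directory that permits unauthenticated binds, because `ldap_bind()` with an empty credential is treated as an anonymous/unauthenticated bind rather than a failed login; guard before connecting with `if (!is_string($password) || $password === "" || empty($user->dn)) { return false; }`, and the tail can then simply be `return (bool) $lbind;`. Every search filter is built by interpolating the looked-up value - `"uidNumber=$id"`, `"uid=$name"`, `"gidNumber=$id"`, `"cn=$name"`, `"(memberUid=$user->name)"` - so a value containing LDAP filter metacharacters changes the query; escape each one with `ldap_escape($name, "", LDAP_ESCAPE_FILTER)` (PHP 5.6+), or reject lookups that are not plain identifiers, and drop the `@` on the two `ldap_search` calls so failures surface. `lookup_user()` reads `$entry_id` in `ldap_get_values(self::$_connection, $entry_id, "cn")` although nothing in that method assigns it, and `$cn_entry` is never used, so that line should go; `groups()` likewise assigns an unused `$root = item::root();`. `Ldap_Group::__construct()` sets `$this->special` on an undeclared property - add `public $special;` beside `$id` and `$name`. The class header and the start of the guest-user method are not visible in the hunk as rendered (the text before `+id = 0;` has been lost), so how `self::$_params` and `self::$_connection` are initialised could not be reviewed here.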
diff --git a/modules/ldap/module.info b/modules/ldap/module.info
new file mode 100644
index 00000000..1b7bef08
--- /dev/null
+++ b/modules/ldap/module.info
@@ -0,0 +1,6 @@
+name = "LDAP"
+description = "Use LDAP for authentication"
+version = 1
+
+; Don't show this module on the module administration screen
+no_module_admin = 1
diff --git a/modules/tag_cloud/module.info b/modules/tag_cloud/module.info
index 727b9eef..af8f9ce1 100644
--- a/modules/tag_cloud/module.info
+++ b/modules/tag_cloud/module.info
@@ -1,4 +1,3 @@
-name = Tag Cloud
+name = "Tag Cloud"
 description = "3D tag cloud"
-
 version = 1