--- a/server/ldaputils.py	Tue Dec 18 12:25:08 2012 +0100
+++ b/server/ldaputils.py	Thu Jan 24 16:10:31 2013 +0100
@@ -38,6 +38,7 @@
 from ldapurl import LDAPUrl
 
 from cubicweb import ValidationError, AuthenticationError, Binary
+from cubicweb.server import utils
 from cubicweb.server.sources import ConnectionWrapper
 
 _ = unicode
@@ -334,7 +335,11 @@
         itemdict = {'dn': dn}
         for key, value in iterator:
             if self.user_attrs.get(key) == 'upassword': # XXx better password detection
-                itemdict[key] = Binary(value[0].encode('utf-8'))
+                value = value[0].encode('utf-8')
+                # we only support ldap_salted_sha1 for ldap sources, see: server/utils.py
+                if not value.startswith('{SSHA}'):
+                    value = utils.crypt_password(value)
+                itemdict[key] = Binary(value)
             else:
                 for i, val in enumerate(value):
                     value[i] = unicode(val, 'utf-8', 'replace')