diff --git a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/PwdAuthenticate.java b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/PwdAuthenticate.java index a263eee0..d3a54638 100644 --- a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/PwdAuthenticate.java +++ b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/PwdAuthenticate.java @@ -255,6 +255,8 @@ public final class PwdAuthenticate implements AuthMechanism, Serializable try { + int usernameMatches = 0; + // Go through the search roots stopping if the identity is resolved. for (int i = 0; i < searchRoots.length && identId == null; i++) { @@ -267,6 +269,7 @@ public final class PwdAuthenticate implements AuthMechanism, Serializable // Enumerate through the users returned checking the password while (answer.hasMore()) { + usernameMatches ++; SearchResult sr = answer.next(); // Open a directory context for the user as a way of verifying its password 
@@ -299,6 +302,33 @@ public final class PwdAuthenticate implements AuthMechanism, Serializable
 m_log.warn("invoke()- NamingException: " + e.getExplanation());
 }
 }
+
+ // Try to validate the name provided if we did not find any users with matching
+ // surnames in case that the name is an FDN.
+ if (usernameMatches == 0)
+ {
+ // Open a directory context for the user as a way of verifying its password
+ try
+ {
+ Hashtable env2 = new Hashtable();
+ env2.put(Context.INITIAL_CONTEXT_FACTORY, "org.bandit.ia.IAInitialCtxFactory");
+ env2.put(Realm.REALM_CONFIG_LOCATION, m_svcConfig.getSetting(SvcConfig.IdentityAbstractionConfigFile));
+ env2.put(Realm.REALM_SELECTOR, authReqMsg.getRealm());
+ env2.put(Context.SECURITY_AUTHENTICATION, "simple");
+ env2.put(Context.SECURITY_PRINCIPAL, pwToken.getUsername());
+ env2.put(Context.SECURITY_CREDENTIALS, pwToken.getPassword());
+
+ if ((new InitialDirContext(env2)) != null)
+ {
+ // The password must be valid, set the identity Id.
+ identId = pwToken.getUsername();
+ }
+ }
+ catch (NamingException e)
+ {
+ m_log.warn("invoke()- NamingException: " + e.getExplanation());
+ }
+ }
 }
 }
 catch (ServiceUnavailableException e)
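Review bot: The FDN fallback takes any successful `new InitialDirContext(env2)` as proof of the password, but many directory servers accept a simple bind with an empty password as an anonymous bind. Unless `invoke()` rejects empty passwords outside this hunk (not visible here, and the behaviour of the IAInitialCtxFactory realm should be confirmed), the block should skip the bind when the password is empty. The `!= null` test is always true because a constructor never returns null, and the context is never closed, so each fallback login leaves a directory connection open until it is garbage-collected. `identId` is also set to the raw client-supplied string, so it is worth confirming that this matches the form of identity id the search path produces. A version that keeps the context in a variable and closes it follows; the enclosing try and `invoke()` begin and end outside the hunk.

```java
// … unchanged: env2 setup through SECURITY_CREDENTIALS …
InitialDirContext userCtx = new InitialDirContext(env2);
try
{
   // Reaching this point means the bind was accepted; no null test is needed.
   identId = pwToken.getUsername();
}
finally
{
   // Release the directory connection opened only to verify the password.
   userCtx.close();
}
// … unchanged: catch (NamingException e) logging …
```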