diff --git a/src/ldap.cpp b/src/ldap.cpp
index 4a77b74..9895f0f 100644
--- a/src/ldap.cpp
+++ b/src/ldap.cpp
@@ -54,13 +54,11 @@
 // Connect this to CMake/Automake
 #define KDE_CONFDIR "/etc/trinity"
 #define KRB5_FILE "/etc/krb5.conf"
-#define LDAP_FILE "/etc/ldap.conf"
 #define NSSWITCH_FILE "/etc/nsswitch.conf"
 #define PAMD_DIRECTORY "/etc/pam.d/"
 #define PAMD_COMMON_ACCOUNT "common-account"
 #define PAMD_COMMON_AUTH "common-auth"
 #define CRON_UPDATE_NSS_FILE "/etc/cron.daily/upd-local-nss-db"
-#define DEFAULT_IGNORED_USERS_LIST "avahi,avahi-autoipd,backup,bin,colord,daemon,games,gnats,haldaemon,hplip,irc,klog,landscape,libuuid,list,lp,mail,man,messagebus,news,ntp,polkituser,postfix,proxy,pulse,root,rtkit,saned,sshd,statd,sync,sys,syslog,timidity,usbmux,uucp,www-data"
 typedef KGenericFactory ldapFactory;
@@ -302,40 +300,7 @@ void LDAPConfig::save() {
 systemconfig->writeEntry("ConnectionPasswordHash", m_passwordHash);
 systemconfig->writeEntry("ConnectionIgnoredUsers", m_ignoredUsers);
- LDAPRealmConfigList::Iterator it;
- for (it = m_realms.begin(); it != m_realms.end(); ++it) {
- LDAPRealmConfig realmcfg = it.data();
- TQString configRealmName = realmcfg.name;
- configRealmName.prepend("LDAPRealm-");
- systemconfig->setGroup(configRealmName);
- // Save realm settings
- systemconfig->writeEntry("bonded", realmcfg.bonded);
- systemconfig->writeEntry("uid_offset", realmcfg.uid_offset);
- systemconfig->writeEntry("gid_offset", realmcfg.gid_offset);
- systemconfig->writeEntry("domain_mappings", realmcfg.domain_mappings);
- systemconfig->writeEntry("kdc", realmcfg.kdc);
- systemconfig->writeEntry("kdc_port", realmcfg.kdc_port);
- systemconfig->writeEntry("admin_server", realmcfg.admin_server);
- systemconfig->writeEntry("admin_server_port", realmcfg.admin_server_port);
- systemconfig->writeEntry("pkinit_require_eku", realmcfg.pkinit_require_eku);
- systemconfig->writeEntry("pkinit_require_krbtgt_otherName", realmcfg.pkinit_require_krbtgt_otherName);
- systemconfig->writeEntry("win2k_pkinit", realmcfg.win2k_pkinit);
- systemconfig->writeEntry("win2k_pkinit_require_binding", realmcfg.win2k_pkinit_require_binding);
- }
-
- // Delete any realms that do not exist in the m_realms database
- TQStringList cfgRealms = systemconfig->groupList();
- for (TQStringList::Iterator it(cfgRealms.begin()); it != cfgRealms.end(); ++it) {
- if ((*it).startsWith("LDAPRealm-")) {
- systemconfig->setGroup(*it);
- TQString realmName=*it;
- realmName.remove(0,strlen("LDAPRealm-"));
- if (!m_realms.contains(realmName)) {
- systemconfig->deleteGroup(*it);
- }
- }
- }
-
+ LDAPManager::writeTDERealmList(m_realms, systemconfig);
 systemconfig->sync();
 if (base->systemEnableSupport->isChecked()) {
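Review bot: The removed code pruned every `LDAPRealm-*` group of `systemconfig` whose realm was no longer in `m_realms`; the replacement `LDAPManager::writeTDERealmList(m_realms, systemconfig)` shows only that realms are written, not whether stale groups are still deleted. If the helper only writes, a realm removed in the dialog keeps its `kdc`, `admin_server` and pkinit entries in the system config, and since `save()` finishes with `load()` (next hunk) they would presumably be read straight back into `m_realms` on the next save. Worth confirming against the helper and recording the contract at the call site, `// writeTDERealmList also drops LDAPRealm-* groups no longer in m_realms`, or, if it does not prune, keeping the deletion loop here. `LDAPConfig::save()` starts before and continues after this hunk.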
@@ -349,13 +314,15 @@ void LDAPConfig::save() {
 writePAMFiles();
 // Write the cron files
 writeCronFiles();
+ // RAJA FIXME
+ // Update the SUDOERS file with the domain-wide computer local admin group!
 }
 load();
 }
 void LDAPConfig::processLockouts() {
- bool panelIsEnabled = base->systemEnableSupport->isChecked();
+ bool panelIsEnabled = (base->systemEnableSupport->isEnabled() && base->systemEnableSupport->isChecked());
 base->groupRealms->setEnabled(panelIsEnabled);
 base->groupKrbDefaults->setEnabled(panelIsEnabled);
@@ -663,28 +630,7 @@ void LDAPConfig::writeKrb5ConfFile() {
 }
 void LDAPConfig::writeLDAPConfFile() {
- TQFile file(LDAP_FILE);
- if (file.open(IO_WriteOnly)) {
- TQTextStream stream( &file );
-
- LDAPRealmConfig realmcfg = m_realms[m_defaultRealm];
-
- stream << "# This file was automatically generated by TDE\n";
- stream << "# All changes will be lost!\n";
- stream << "\n";
-
- stream << "host " << realmcfg.admin_server << "\n";
- TQStringList domainChunks = TQStringList::split(".", realmcfg.name.lower());
- stream << "base dc=" << domainChunks.join(",dc=") << "\n";
- stream << "ldap_version " << m_ldapVersion << "\n";
- stream << "timelimit " << m_ldapTimeout << "\n";
- stream << "bind_timelimit " << m_ldapBindTimeout << "\n";
- stream << "bind_policy " << m_bindPolicy.lower() << "\n";
- stream << "pam_password " << m_passwordHash.lower() << "\n";
- stream << "nss_initgroups_ignoreusers " << m_ignoredUsers << "\n";
-
- file.close();
- }
+ LDAPManager::writeLDAPConfFile(m_realms[m_defaultRealm]);
 }
 void LDAPConfig::writeNSSwitchFile() {
diff --git a/src/ldap.h b/src/ldap.h
index d0b0c4e..124411d 100644
--- a/src/ldap.h
+++ b/src/ldap.h
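Review bot: `processLockouts()` now requires `systemEnableSupport` to be both enabled and checked, but `save()` still decides whether to rewrite the system files on `base->systemEnableSupport->isChecked()` alone (the `if` at the end of the previous hunk), so in the state the new condition targets, checked but disabled, the realm and Kerberos groups are greyed out while a save presumably still runs the `write*` calls. The two conditions should agree: `if (base->systemEnableSupport->isEnabled() && base->systemEnableSupport->isChecked()) {` in `save()`, or a shared predicate both call. The bare `// RAJA FIXME` about sudoers would be more useful if it stated the constraint the future code must meet, e.g. that the file is written to a temporary path and validated with `visudo -c` before it replaces the live sudoers, since a malformed sudoers locks every administrator out of sudo. Both `save()` and `processLockouts()` continue outside this hunk.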
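Review bot: The new body hands only the default realm to `LDAPManager::writeLDAPConfFile`, whereas the removed code also emitted `ldap_version`, `timelimit`, `bind_timelimit`, `bind_policy`, `pam_password` and `nss_initgroups_ignoreusers` from `m_ldapVersion`, `m_ldapTimeout`, `m_ldapBindTimeout`, `m_bindPolicy`, `m_passwordHash` and `m_ignoredUsers`; none of those values reach the helper through this call. Presumably the helper reads them from the saved system config, in which case the call is only correct after `systemconfig->sync()`, an ordering this hunk cannot show; a comment such as `// connection-wide settings (version, timeouts, bind policy, password hash) come from the synced system config` would record that dependency once confirmed. `m_realms[m_defaultRealm]` is unchanged from the old code, but on a `TQMap` the non-const `operator[]` inserts a default-constructed `LDAPRealmConfig` when the key is missing, so an unset default realm would presumably yield an /etc/ldap.conf with an empty host and base rather than an error; guarding with `if (!m_realms.contains(m_defaultRealm)) return;` (or reporting it) before the call would be safer. `writeLDAPConfFile()` lies fully within this hunk.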
@@ -31,33 +31,14 @@
 #include
 #include
+#include
+
 #include "ldapconfigbase.h"
 #ifdef HAVE_CONFIG_H
 #include
 #endif
-// PRIVATE
-class LDAPRealmConfig
-{
- public:
- TQString name;
- bool bonded;
- long uid_offset;
- long gid_offset;
- TQStringList domain_mappings;
- TQString kdc;
- int kdc_port;
- TQString admin_server;
- int admin_server_port;
- bool pkinit_require_eku;
- bool pkinit_require_krbtgt_otherName;
- bool win2k_pkinit;
- bool win2k_pkinit_require_binding;
-};
-
-typedef TQMap LDAPRealmConfigList;
-
 class LDAPConfig: public KCModule
 {
 Q_OBJECT