diff --git a/tests/testem.rb b/tests/testem.rb
index 3249a26..ca38ff7 100644
--- a/tests/testem.rb
+++ b/tests/testem.rb
@@ -4,5 +4,6 @@
 
 require 'test/unit'
 require 'tests/testber'
+require 'tests/testldap'
 
 
diff --git a/tests/testldap.rb b/tests/testldap.rb
new file mode 100644
index 0000000..41c556d
--- /dev/null
+++ b/tests/testldap.rb
@@ -0,0 +1,63 @@
+# $Id$
+#
+#
+
+
+require 'lib/netber'
+require 'lib/netldap'
+require 'lib/ldappdu'
+require 'lib/netldapfilter'
+require 'stringio'
+
+
+class TestLdapClient < Test::Unit::TestCase
+
+  def setup
+    @host = "127.0.0.1"
+    @port = 3890
+    @auth = {
+      :method => :simple,
+      :username => "cn=bigshot,dc=bayshorenetworks,dc=com",
+      :password => "opensesame"
+    }
+
+  end
+
+  # Binding tests.
+  # Need tests for all kinds of network failures and incorrect auth.
+  # TODO: Implement a class-level timeout for operations like bind.
+  # Search has a timeout defined at the protocol level, other ops do not.
+  # TODO, use constants for the LDAP result codes, rather than hardcoding them.
+  def test_bind
+    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
+    assert_equal( 0, ldap.bind )
+
+    bad_username = @auth.merge( {:username => "cn=badguy,dc=imposters,dc=com"} )
+    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => bad_username
+    assert_equal( 48, ldap.bind )
+
+    bad_password = @auth.merge( {:password => "cornhusk"} )
+    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => bad_password
+    assert_equal( 49, ldap.bind )
+  end
+
+  def test_search
+    ldap = Net::LDAP.new :host => @host, :port => @port, :auth => @auth
+
+    search = {:base => "dc=smalldomain,dc=com"}
+    assert_equal( 32, ldap.search( search ))
+    
+    search = {:base => "dc=bigdomain,dc=com"}
+    assert_equal( 0, ldap.search( search ))
+    
+    ldap.search( search ) {|res|
+      p res
+    }
+    
+
+  end
+
+
+end
+
+
diff --git a/testserver/ldapserver.rb b/testserver/ldapserver.rb
index 4504159..e215dd5 100644
--- a/testserver/ldapserver.rb
+++ b/testserver/ldapserver.rb
@@ -89,16 +89,16 @@ module LdapServer
   def handle_bind_request pdu
     # TODO, return a proper LDAP error instead of blowing up on version error
     if pdu[1][0] != 3
-      send_ldap_response 0, pdu[0].to_i, 2, "", "We only support version 3"
+      send_ldap_response 1, pdu[0].to_i, 2, "", "We only support version 3"
     elsif pdu[1][1] != "cn=bigshot,dc=bayshorenetworks,dc=com"
-      send_ldap_response 0, pdu[0].to_i, 48, "", "Who are you?"
+      send_ldap_response 1, pdu[0].to_i, 48, "", "Who are you?"
     elsif pdu[1][2].ber_identifier != 0x80
-      send_ldap_response 0, pdu[0].to_i, 7, "", "Keep it simple, man"
+      send_ldap_response 1, pdu[0].to_i, 7, "", "Keep it simple, man"
     elsif pdu[1][2] != "opensesame"
-      send_ldap_response 0, pdu[0].to_i, 49, "", "Make my day"
+      send_ldap_response 1, pdu[0].to_i, 49, "", "Make my day"
     else
       @authenticated = true
-      send_ldap_response 0, pdu[0].to_i, 0, pdu[1][1], "I'll take it"
+      send_ldap_response 1, pdu[0].to_i, 0, pdu[1][1], "I'll take it"
     end
   end