diff --git a/auth.go b/auth.go
index b386f4b..359fa5c 100644
--- a/auth.go
+++ b/auth.go
@@ -13,7 +13,7 @@ var (
 ErrActiveDirectoryMustBeLDAPS = errors.New("ActiveDirectory servers must be connected to via LDAPS to change passwords")
 )
 
-func (l LDAP) CheckPasswordForSAMAccountName(sAMAccountName, password string) (*User, error) {
+func (l *LDAP) CheckPasswordForSAMAccountName(sAMAccountName, password string) (*User, error) {
 c, err := l.getConnection()
 if err != nil {
 return nil, err
@@ -33,6 +33,26 @@ func (l LDAP) CheckPasswordForSAMAccountName(sAMAccountName, password string) (*
 return user, nil
 }
 
+func (l *LDAP) CheckPasswordForDN(dn, password string) (*User, error) {
+ c, err := l.getConnection()
+ if err != nil {
+ return nil, err
+ }
+ defer c.Close()
+
+ user, err := l.FindUserByDN(dn)
+ if err != nil {
+ return nil, err
+ }
+
+ err = c.Bind(user.DN(), password)
+ if err != nil {
+ return nil, err
+ }
+
+ return user, nil
+}
+
 func encodePassword(password string) (string, error) {
 encoded, err := utf16le.NewEncoder().String("\"" + password + "\"")
 if err != nil {
diff --git a/client.go b/client.go
index 858db05..eb65aeb 100644
--- a/client.go
+++ b/client.go
@@ -38,6 +38,10 @@ func New(config Config, user, password string) (*LDAP, error) {
 return l, nil
 }
 
+func (l *LDAP) WithCredentials(dn, password string) (*LDAP, error) {
+ return New(l.config, dn, password)
+}
+
 func (l LDAP) getConnection() (*ldap.Conn, error) {
 c, err := ldap.DialURL(l.config.Server)
 if err != nil {
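Review bot: With the receiver of `CheckPasswordForSAMAccountName` switched to `*LDAP` in the first auth.go hunk, the type now mixes receiver kinds, because `getConnection` in client.go is still declared as `func (l LDAP) getConnection()`. Go convention is one receiver kind per type, and the value receiver copies the struct on every connection attempt. Consider `func (l *LDAP) getConnection() (*ldap.Conn, error) {` in the same change. The body of `CheckPasswordForSAMAccountName` continues outside the hunk, so the rest of it was not reviewed.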
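Review bot: `CheckPasswordForDN` in the second auth.go hunk hands `password` to `c.Bind` without first rejecting the empty string. A simple bind with a DN and an empty password is an unauthenticated bind under RFC 4513, and a server that accepts it would make this method return the user as if the password had been verified. Recent go-ldap releases refuse an empty password inside `Bind`, but the library version is not visible here, so an explicit guard at the top, `if password == "" { return nil, errors.New("ldap: empty password") }`, keeps the check independent of the dependency. The method also needs a doc comment stating that a nil error means the bind succeeded and that the lookup and bind errors come back unwrapped; callers should not show them to the end user, because they distinguish an unknown DN from a wrong password. If `CheckPasswordForSAMAccountName`, whose body is mostly outside this diff, has the same shape, the guard belongs there too.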
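Review bot: `WithCredentials` in the client.go hunk is exported without a doc comment, and the hunk does not show whether `New` binds with the supplied credentials or only stores them, so a caller cannot tell whether a nil error means the password was checked. Add a comment such as `// WithCredentials returns a new client that reuses l's configuration with dn and password as its bind credentials; l is not modified.` and state there whether the credentials are validated at construction time. `l.config` is passed by value, so if `Config` holds pointer, map or slice fields (not visible here) the two clients share them.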