diff --git a/rootfs/etc/confd/templates/app-passwords-lookup.lua.tmpl b/rootfs/etc/confd/templates/app-passwords-lookup.lua.tmpl index 5edda4b..7715504 100644 --- a/rootfs/etc/confd/templates/app-passwords-lookup.lua.tmpl +++ b/rootfs/etc/confd/templates/app-passwords-lookup.lua.tmpl @@ -22,6 +22,9 @@ function auth_passdb_lookup(req) user_count = user_count + 1 end + local return_code = dovecot.auth.PASSDB_RESULT_NEXT + local return_text = "" + local user_exists = user_count == 1 if user_exists then local app_base_dn = "{{ getenv "LDAP_APP_PASSWORDS_BASE_DN" }}" @@ -32,20 +35,22 @@ function auth_passdb_lookup(req) local user_password = req.password for dn, attribs in ld:search { base = app_base_dn_formatted, scope = "subtree", filter = app_pass_filter } do + req:log_info(string.format("trying %s...", dn)) + local test_conn = lualdap.open_simple( ldap_host, dn, user_password, ldap_use_tls) if test_conn ~= nil then - return dovecot.auth.PASSDB_RESULT_OK, string.format("%s=user", ldap_user_attribute) + return dovecot.auth.PASSDB_RESULT_OK, string.format("password=%s user=%s", user_password, username) end end else return dovecot.auth.PASSDB_RESULT_USER_UNKNOWN, "no such user" end - return dovecot.auth.PASSDB_RESULT_NEXT, "" + return return_code, return_text end function script_init()
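Review bot: `return_code` and `return_text` are initialised in this hunk but, in the lines visible in this diff, never reassigned before the final `return return_code, return_text`, while the success and unknown-user paths still return literals directly. Either route every exit through the two locals or keep the original literal return; mixing both styles makes it harder to audit which result each authentication path yields. A short comment such as `-- default: defer to the next passdb when no app password matches` would document why NEXT is the fallback. New-file lines 31–34 and the start of `auth_passdb_lookup` are outside the hunks, so an assignment there cannot be ruled out.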
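Review bot: The client-supplied password is interpolated unescaped into the space-separated reply string in the new success return, `string.format("password=%s user=%s", user_password, username)`, so a password containing whitespace or `=` would, as far as I can tell, be parsed by Dovecot as additional passdb fields, and one starting with `{` as a scheme prefix. Returning a table (if the deployed Dovecot version accepts one as the second value) keeps each value in its own field, and doing the bind in `auth_password_verify` instead would avoid handing the secret back at all. The bind also runs with whatever `req.password` holds: many LDAP servers treat a simple bind with an empty password as an unauthenticated bind that succeeds, so an explicit empty-password rejection before the loop is worth adding unless Dovecot already guarantees a non-empty value here. The added `req:log_info` writes every candidate app-password DN to the log on each attempt, where `req:log_debug` seems a better fit, and `test_conn` is never closed on either path. `username` and the start of `auth_passdb_lookup` are outside the hunk.

```lua
local user_password = req.password
-- An empty simple-bind password is an unauthenticated bind on many LDAP servers.
if user_password == nil or user_password == "" then
    return dovecot.auth.PASSDB_RESULT_PASSWORD_MISMATCH, "empty password"
end
-- … unchanged: ld:search loop header …
    req:log_debug(string.format("trying %s...", dn))
-- … unchanged: lualdap.open_simple call …
    if test_conn ~= nil then
        -- The probe connection is only needed to prove the bind worked.
        test_conn:close()
        -- Table form keeps each value in its own field instead of a space-separated string.
        return dovecot.auth.PASSDB_RESULT_OK, { password = user_password, user = username }
    end
```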