Of course, if the login form code wasn't such a
swamp, there'd be a hook
you could use to preprocess the usernames server-side... :-(
The getCanonicalName function in the auth plugins will do this. I was
actually thinking of adding a hook to LdapAuthentication in that
function to let users munge the name however they'd like before
LdapAuthentication munges it further.