Thread:Extension talk:LDAP Authentication/Camelcased username is returned lowercased/reply

You can add the users to another OU, then have LDAP use that OU as another domain. It's a *way* better solution that using the local database as a fallback, which is really meant as a temporarily solution to migrating all users to LDAP.

Another alternative is to have some form of web sso, like SAML, where you can do federation. Many of these systems support OpenID, which means you could use the OpenID extension, and then limit access to people by taking rights away from the user group and adding them to a group you manage.

There's a ton of ways to handle this, which is why I don't support using $wgLDAPUseLocal as a long term measure.