Do those changes solve your need, i.e., limiting which users from your AD server can authenticate on the site?
Can you send me the modified file with old code commented and your name in comments next to your changes? Rename it as .txt for email attachment to joe dot audette at g mail dotcom.
Note that if I incorporate those changes I will have to use a config setting and keep the old logic by default; otherwise, on upgrade others may find their users cannot log in.