Hi,
This thread might help: [Solved] Help! LDAP Migration w/ New Usernames
It basically suggests ensuring that the existing users you change the username and/or email to match what will be in AD/LDAP. It should then instead of creating a new user, then use that existing user since it matches the username in AD/LDAP and therefore they should have access to everything.