From 02aaa49b5548a8721d2ad03c396ea4b7c67c94a3 Mon Sep 17 00:00:00 2001
From: Bobby Billingsley
Date: Thu, 28 Oct 2021 07:09:41 +0000
Subject: [PATCH] Fix LDAP search/filter to use NetdotLDAPUserDN for lookup rather than "(cn=$username) $base_dn"
---
 lib/Netdot/LDAP.pm | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/Netdot/LDAP.pm b/lib/Netdot/LDAP.pm
index c411032f..0f3ac552 100644
--- a/lib/Netdot/LDAP.pm
+++ b/lib/Netdot/LDAP.pm
@@ -126,7 +126,7 @@ sub check_credentials {
 my $base_dn = $r->dir_config("NetdotLDAPSearchBase");
 if ( $base_dn ){
- $user_dn .= ",$base_dn";
+ # $user_dn .= ",$base_dn";
 }
 my $ldap;
@@ -149,12 +149,12 @@ sub check_credentials {
 my $result = $ldap->search(
 base => $proxy_base,
 scope => 'subtree',
- filter => '(cn='.$username.')',
+ filter => '('.$user_dn.')',
 attrs => ['dn'] );
 if ($result->count() == 1) {
 $user_dn = $result->entry(0)->dn();
- $r->log_error("User Found base_dn=".$proxy_base." filter=(cn=".$username.") user_dn=".$user_dn);
+ $r->log_error("User Found base_dn=".$proxy_base." filter=(".$user_dn.") user_dn=".$user_dn);
 } else {
 $r->log_error("ERROR LDAP proxy search: ".$result->count()." results filter (cn=".$username.") base='".$proxy_base."'");
 if ( $fail_to_local ){
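Review bot: Commenting out `$user_dn .= ",$base_dn";` drops the search base from `$user_dn` on every path through check_credentials, not only for the proxy search filter. The bind that consumes `$user_dn` lies outside this hunk, so this is inferred, but if the non-proxy path binds with `$user_dn` directly it would now be handed a relative DN and authentication would fail or depend on server-side DN rewriting. Keeping the append and saving the unqualified value first, `my $user_filter = $user_dn;` placed before the `if`, would give the search its filter without changing the bind DN. The `if ( $base_dn )` block is also left empty apart from the commented-out statement; delete it, or add a comment saying why NetdotLDAPSearchBase is now ignored.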
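Review bot: The new `filter => '('.$user_dn.')'` is still assembled by string concatenation. `$user_dn` appears to embed the login name supplied by the client (it is built above this hunk), so filter metacharacters such as `*`, `(`, `)` and `\` in the name would be interpreted by the directory server instead of matched literally. Escape the name where it is substituted into the NetdotLDAPUserDN template, for example with `escape_filter_value($username)` from Net::LDAP::Util, before it reaches `$ldap->search`. The failure branch still logs `filter (cn=".$username.")`, which no longer matches the filter that was sent; change it to `filter (".$user_dn.")` so a failed lookup can be diagnosed from the Apache error log. The `if ( $fail_to_local )` block continues past the end of the hunk and was not reviewed.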