From 49073742b5e044567e55fe5500ecdf66d136436c Mon Sep 17 00:00:00 2001
From: fanta8897 <austintyler0239@yahoo.com>
Date: Tue, 15 Jan 2019 17:04:21 -0500
Subject: [PATCH] Updating LDAP such that each user is not required to be
 bindable to LDAP (#6571)

* Update Ldap.php

* Update Ldap.php

* Update Ldap.php

* Update Ldap.php

* Update Ldap.php

Updating LDAP.php such that the admin bind will ONLY occur if the user attempting auth cannot bind. If that is the case, it will attempt to bind as admin and search for that user, prior to failing.
---
 app/Models/Ldap.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/app/Models/Ldap.php b/app/Models/Ldap.php
index 708e4bdeb2..593e5eee96 100644
--- a/app/Models/Ldap.php
+++ b/app/Models/Ldap.php
@@ -96,8 +96,11 @@ class Ldap extends Model
 
         $filterQuery = $settings->ldap_auth_filter_query . $username;
 
+
         if (!$ldapbind = @ldap_bind($connection, $userDn, $password)) {
-            return false;
+            if(!$ldapbind = Ldap::bindAdminToLdap($connection)){
+                    return false;
+            }
         }
 
         if (!$results = ldap_search($connection, $baseDn, $filterQuery)) {