- Add search_bind_enabled/search_bind_dn/search_bind_password to allow
using a dedicated LDAP account for user and group searches. This is
needed when regular LDAP users lack search permissions (common with
restrictive ACLs on OpenLDAP).
- Support both group_indentifier (original) and group_identifier config
keys, falling back to 'cn' if neither is set.
- Skip the gidNumber-based primary group query when the attribute is
empty, avoiding broken LDAP filters on non-posixAccount setups.
When using login-ldap with the admin panel I get an LDAP exception because the query is invalid. It looks like the plugin sends an empty login request when loading the admin login page. This causes an invalid query.
In some rare occasions, the ldap setup can return null when reading the $attributes[$group_indentifier].
By checking that it isn't empty before shifting the array, we prevent the following error:
* array_shift expected parameter to be array, null given
