2 files changed, 16 insertions, 2 deletions

diff --git a/app/Auth/Ldap.php b/app/Auth/Ldap.php
index bb17653d..97d4d0e3 100644
--- a/app/Auth/Ldap.php
+++ b/app/Auth/Ldap.php
@@ -96,8 +96,21 @@ class Ldap extends Base
         ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
         ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
 
-        if (! @ldap_bind($ldap, LDAP_USERNAME, LDAP_PASSWORD)) {
-            die('Unable to bind to the LDAP server: "'.LDAP_SERVER.'"');
+        if (LDAP_BIND_TYPE === 'user') {
+            $ldap_username = sprintf(LDAP_USERNAME, $username);
+            $ldap_password = $password;
+        }
+        else if (LDAP_BIND_TYPE === 'proxy') {
+            $ldap_username = LDAP_USERNAME;
+            $ldap_password = LDAP_PASSWORD;
+        }
+        else {
+            $ldap_username = null;
+            $ldap_password = null;
+        }
+
+        if (! @ldap_bind($ldap, $ldap_username, $ldap_password)) {
+            return false;
         }
 
         $sr = @ldap_search($ldap, LDAP_ACCOUNT_BASE, sprintf(LDAP_USER_PATTERN, $username), array(LDAP_ACCOUNT_FULLNAME, LDAP_ACCOUNT_EMAIL));
diff --git a/app/common.php b/app/common.php
index f92e3ddb..6b5bc729 100644
--- a/app/common.php
+++ b/app/common.php
@@ -62,6 +62,7 @@ defined('LDAP_AUTH') or define('LDAP_AUTH', false);
 defined('LDAP_SERVER') or define('LDAP_SERVER', '');
 defined('LDAP_PORT') or define('LDAP_PORT', 389);
 defined('LDAP_SSL_VERIFY') or define('LDAP_SSL_VERIFY', true);
+defined('LDAP_BIND_TYPE') or define('LDAP_BIND_TYPE', 'anonymous');
 defined('LDAP_USERNAME') or define('LDAP_USERNAME', null);
 defined('LDAP_PASSWORD') or define('LDAP_PASSWORD', null);
 defined('LDAP_ACCOUNT_BASE') or define('LDAP_ACCOUNT_BASE', '');