From 3f49a0df57271abeaefd1b4e816c291c0e03fd68 Mon Sep 17 00:00:00 2001
From: Tim Gerundt <tim@gerundt.de>
Date: Wed, 6 Oct 2021 16:35:59 +0200
Subject: [PATCH] Tweak Microsoft AD search

Use the correct attributes for firstname and lastname on Microsoft Active Directory searches. Also search for mail addresses.
---
 auth-ldap/authentication.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/auth-ldap/authentication.php b/auth-ldap/authentication.php
index 944d363..3504fab 100644
--- a/auth-ldap/authentication.php
+++ b/auth-ldap/authentication.php
@@ -38,7 +38,7 @@ class LDAPAuthentication {
                 'mobile' => false,
                 'username' => 'sAMAccountName',
                 'dn' => '{username}@{domain}',
-                'search' => '(&(objectCategory=person)(objectClass=user)(|(sAMAccountName={q}*)(firstName={q}*)(lastName={q}*)(displayName={q}*)))',
+                'search' => '(&(objectCategory=person)(objectClass=user)(|(sAMAccountName={q}*)(givenName={q}*)(sn={q}*)(displayName={q}*)(mail={q}*)))',
                 'lookup' => '(&(objectCategory=person)(objectClass=user)({attr}={q}))',
             ),
             'group' => array(