From 34aab65db3a3cafbafb7510e6e880ac4253074e0 Mon Sep 17 00:00:00 2001
From: Johannes Zellner <johannes@cloudron.io>
Date: Mon, 25 Jan 2016 11:31:55 +0100
Subject: [PATCH] Use the first part of the dn to get the common name in ldap

It is no must to have the first part named 'cn' but the first
part is always the id we want to verify
---
 src/ldap.js | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/ldap.js b/src/ldap.js
index ed72ea213..29ce4fd84 100644
--- a/src/ldap.js
+++ b/src/ldap.js
@@ -115,9 +115,11 @@ function start(callback) {
     gServer.bind('ou=users,dc=cloudron', function(req, res, next) {
         debug('ldap user bind: %s', req.dn.toString());
 
-        if (!req.dn.rdns[0].cn) return next(new ldap.NoSuchObjectError(req.dn.toString()));
+        // extract the common name which might have different attribute names
+        var commonName = req.dn.rdns[0][Object.keys(req.dn.rdns[0])[0]];
+        if (!commonName) return next(new ldap.NoSuchObjectError(req.dn.toString()));
 
-        user.verify(req.dn.rdns[0].cn, req.credentials || '', function (error, result) {
+        user.verify(commonName, req.credentials || '', function (error, result) {
             if (error && error.reason === UserError.NOT_FOUND) return next(new ldap.NoSuchObjectError(req.dn.toString()));
             if (error && error.reason === UserError.WRONG_PASSWORD) return next(new ldap.InvalidCredentialsError(req.dn.toString()));
             if (error) return next(new ldap.OperationsError(error));