Authorize LDAP connection with connecting user credentials
Description
Currently only two modes of LDAP connections are possible:
- simple
- anonymous
I propose adding a dynamic connection.
In companies, anonymous connection to the LDAP is forbidden, and the use of a bind-user is more and more discouraged, because we lose track of who did what. A lot of ldap plugins (like redmine's, kanboard's,...) allow us to use the credentials of the user who tries to connect to bind against the LDAP.
If their credentials are not correct, the connection fails. If the credentials are correct, the system can check other filters and groups and decide weither to allow the connection or not.
As an example: http://www.redmine.org/projects/redmine/wiki/RedmineLDAP#Dynamic-Bind-Account