From 03375d6c522035b108e4cf00239b9705b93dc377 Mon Sep 17 00:00:00 2001
From: Arthur Schiwon <blizzz@owncloud.com>
Date: Mon, 25 Nov 2013 22:08:11 +0100
Subject: [PATCH] LDAP:  username2dn should only return DNs that belong to the
 current LDAP server. Might be not perfect. Easy perfect solution would
 increase communication with LDAP server. Let's see if it is good enough

---
 apps/user_ldap/lib/access.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php
index a07bd3fa11..ecc74b6cf5 100644
--- a/apps/user_ldap/lib/access.php
+++ b/apps/user_ldap/lib/access.php
@@ -199,7 +199,9 @@ class Access extends LDAPUtility {
 	 */
 	public function username2dn($name) {
 		$dn = $this->ocname2dn($name, true);
-		if($dn) {
+		//Check whether the DN belongs to the Base, to avoid issues on multi-
+		//server setups
+		if($dn && $this->isDNPartOfBase($dn, $this->connection->ldapBaseUsers)) {
 			return $dn;
 		}
 
-- 
GitLab