[Web] use cn as fallback ldap login

data/web/inc/functions.auth.inc.php

@@ -498,7 +498,7 @@ function ldap_mbox_login($user, $pass, $iam_settings, $extra = null){
       $ldap_query = $ldap_query->rawFilter($iam_settings['filter']);
     }
     $ldap_query = $ldap_query->where($iam_settings['username_field'], '=', $user)
-      ->select([$iam_settings['username_field'], $iam_settings['attribute_field'], 'displayname', 'distinguishedname']);
+      ->select([$iam_settings['username_field'], $iam_settings['attribute_field'], 'displayname', 'distinguishedname', 'cn']);
 
     $user_res = $ldap_query->firstOrFail();
   } catch (Exception $e) {
@@ -513,6 +513,8 @@ function ldap_mbox_login($user, $pass, $iam_settings, $extra = null){
   }
   try {
     if (!$iam_provider->auth()->attempt($user_res['distinguishedname'][0], $pass)) {
+      // fallback to cn
+      if (!$iam_provider->auth()->attempt($user_res['cn'][0], $pass)) {
         $_SESSION['return'][] =  array(
           'type' => 'danger',
           'log' => array(__FUNCTION__, $user, '*', $user_res),
@@ -520,6 +522,7 @@ function ldap_mbox_login($user, $pass, $iam_settings, $extra = null){
         );
         return false;
       }
+    }
   } catch (Exception $e) {
     // clear $_SESSION['return'] to not leak data
     $_SESSION['return'] = array();