When authenticating a user for login, the current code does an anonymous search to find the user, and then attempts to bind as that user when the search results contain that user. This is a problem since some LDAP servers do not allow anonymous searches. Fix is to do the anonymous search still, but if the search results in no entries, attempt to bind as that user anyways by constructing DN from the username plus configured base DN. If the search does contain the user, use the DN in the returned result.

tested in-house with LDAP server that doesn't respond to anonymous searches