Question about LDAP authentication scheme - when I specify to use exact distinguished name it is working fine. However, we have to use non exact distinguished name because we have users in many different containers in AD. So, I set "Use exact distinguished name" to no, type dc=mydomain, dc=com into LDAP DN string, and specify cn=%LDAP_USER% as search filter. Authentication fails no matter what AD user name I use. I was able to make it work with non Active Directory LDAP server but not with AD servers. Not sure how built in LDAP function works but I suspect that anonymous LDAP bind may have to be enabled in AD for this to work?