# HG changeset patch
# User Ryabinovskiy Alexander
# Date 1512724039 -10800
#      Fri Dec 08 12:07:19 2017 +0300
# Node ID d30b78848e2fa65fadb16601009877b34e5339cd
# Parent  b4159f3c4f834778c7190f9e1f98c62617669cf7
LDAP authentification patch
error 'data 531' means that login-password is ok,
but user was unable to login on domain controller

diff -r b4159f3c4f83 -r d30b78848e2f redmine/app/models/auth_source_ldap.rb
--- a/redmine/app/models/auth_source_ldap.rb	Fri Dec 08 12:05:57 2017 +0300
+++ b/redmine/app/models/auth_source_ldap.rb	Fri Dec 08 12:07:19 2017 +0300
@@ -173,7 +173,15 @@
   # Check if a DN (user record) authenticates with the password
   def authenticate_dn(dn, password)
     if dn.present? && password.present?
-      initialize_ldap_con(dn, password).bind
+      ldap_con = nil
+	  ldap_con = initialize_ldap_con(dn, password)
+	  authenticated = ldap_con.bind
+	  if authenticated == false
+	    authenticated = ldap_con.get_operation_result.error_message.include? "80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 531, v2580\u0000"
+	  end
+	  authenticated
     end
   end