Redmine authentication with LDAP fails

Added by Marco Lavagna over 8 years ago

Hi,
I'm not succeeding in LDAP authentication with Redmine.
Here follows the description of what I've done:
I've installed Bitnami Redmine on CentOS 6.7 and am trying to authenticate against AD on MS Windows Server 2012.
Environment:
Redmine version 3.1.1.stable
Ruby version 2.0.0-p647 (2015-08-18) [x86_64-linux]
Rails version 4.2.4
Environment production
Database adapter Mysql2
SCM:
Subversion 1.6.11
Git 1.7.1
Filesystem
Redmine plugins:
no plugin installed

This is my LDAP configuration on redmine:
Name: geo-AD
Host: geo-dc.geo.net
Port 389 LDAPS: No
User: ldapuser
DN Base: DC=geo-dc,DC=geo,DC=net
LDAP filter: (objectClass=*)
on the fly: yes
Connection attribute: sAMAccountName
Name: givenName
Surname: sn
Mail: mail

The test is working fine, but when I try to authenticate I always get "invalid password".

I traced the authentication phase with Wireshark and I've seen the following:
there is a request from the Redmine host to the AD server asking for the following attributes: dn, givenName, sn, mail.
The AD server answers with "no such object" and the authentication stops.
I've removed givenName, sn and mail from the LDAP configuration window, and the request for dn is still there and causes the failure.
I've checked the AD schema and there is no attribute named "dn".

Any idea why Redmine asks for this during authentication, and if there is a way to change this behaviour?

Here follow the LDAP query and LDAP response.
192.168.1.244 is the CentOS server with Redmine, 192.168.1.240 is the MS Server 2012 with AD.

No. Time Source Destination Protocol Length Info
72 28.269126319 192.168.1.244 192.168.1.240 LDAP 237
searchRequest(2) "DC=geo-dc,DC=geo,DC=net" wholeSubtree
Frame 72: 237 bytes on wire (1896 bits), 237 bytes captured (1896 bits) on interface 0
Lightweight Directory Access Protocol
LDAPMessage searchRequest(2) "DC=geo-dc,DC=geo,DC=net" wholeSubtree
messageID: 2
protocolOp: searchRequest (3)
searchRequest
baseObject: DC=geo-dc,DC=geo,DC=net
scope: wholeSubtree (2)
derefAliases: neverDerefAliases (0)
sizeLimit: 0
timeLimit: 0
typesOnly: False
Filter: (&(&(objectClass=*)(objectClass=*))(sAMAccountName=mlavagna))
filter: and (0)
and: (&(&(objectClass=*)(objectClass=*))(sAMAccountName=mlavagna))
and: 3 items
Filter: (objectClass=*)
and item: present (7)
present: objectClass
Filter: (objectClass=*)
and item: present (7)
present: objectClass
Filter: (sAMAccountName=mlavagna)
and item: equalityMatch (3)
equalityMatch
attributeDesc: sAMAccountName
assertionValue: mlavagna
attributes: 4 items
AttributeDescription: dn
AttributeDescription: givenName
AttributeDescription: sn
AttributeDescription: mail
[Response In: 73]

No. Time Source Destination Protocol Length Info
73 28.269390349 192.168.1.240 192.168.1.244 LDAP 202
searchResDone(2) noSuchObject (0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of:
'DC=geo,DC=net'
) [0 results]
Lightweight Directory Access Protocol
LDAPMessage searchResDone(2) noSuchObject (0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of:
'DC=geo,DC=net'
) [0 results]
messageID: 2
protocolOp: searchResDone (5)
searchResDone
resultCode: noSuchObject (32)
matchedDN: DC=geo,DC=net
errorMessage: 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of:\n\t'DC=geo,DC=net'\n
[Response To: 72]
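The searchResDone in frame 73 carries two facts worth reading together: resultCode noSuchObject (32) is the server's verdict on the baseObject of the search, not on the attribute list, and matchedDN names the deepest entry on the way to that base that the server did resolve (RFC 4511). The Ruby below is an added example, not part of this thread and not Redmine's or net-ldap's code; it turns that pair of values into a base DN check, using the DN strings from the capture and assuming DNs without escaped commas.

```ruby
# Added example: interpret an LDAP noSuchObject result the way frame 73 in
# this thread shows it. Assumes plain DNs (no escaped commas) and compares
# RDNs case-insensitively, as Active Directory does.

LDAP_NO_SUCH_OBJECT = 32

# Split "DC=geo-dc,DC=geo,DC=net" into ["DC=geo-dc", "DC=geo", "DC=net"].
def dn_rdns(dn)
  dn.split(',').map(&:strip).reject(&:empty?)
end

# base_dn:     the baseObject the client searched (Redmine's "DN base")
# result_code: resultCode from searchResDone
# matched_dn:  matchedDN from searchResDone; for noSuchObject it is the
#              deepest entry on the path to base_dn that actually exists
# Returns a hash naming the RDNs the server could not find and the nearest
# base DN it did acknowledge.
def diagnose_base_dn(base_dn, result_code, matched_dn)
  return { ok: true, base_dn: base_dn } unless result_code == LDAP_NO_SUCH_OBJECT

  base = dn_rdns(base_dn)
  matched = dn_rdns(matched_dn)
  # The server's matchedDN must be a suffix of what the client asked for;
  # anything else means the two sides disagree about the whole naming context.
  suffix_ok = matched.size <= base.size &&
              base.last(matched.size).map(&:downcase) == matched.map(&:downcase)
  return { ok: false, missing: base, nearest_existing: nil } unless suffix_ok

  { ok: false,
    missing: base.first(base.size - matched.size), # RDNs that do not exist
    nearest_existing: matched_dn }                  # candidate base DN
end

# Human-readable summary of a searchResDone for an operator.
def explain(base_dn, result_code, matched_dn)
  d = diagnose_base_dn(base_dn, result_code, matched_dn)
  return "base DN #{base_dn} exists" if d[:ok]
  return "server does not hold any part of #{base_dn}" if d[:nearest_existing].nil?
  "#{d[:missing].join(',')} not found; the server knows #{d[:nearest_existing]}, " \
    "so the DN base should end there (that DN or a container beneath it)"
end

if __FILE__ == $0
  # Values constructed from frames 72 and 73 of the capture above.
  puts explain('DC=geo-dc,DC=geo,DC=net', 32, 'DC=geo,DC=net')
end
```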


Replies (3)

RE: Redmine authentication with LDAP fails - Added by Martin Denizet (redmine.org team member) over 8 years ago

I think you are missing the location of your users in your BaseDN such as:

CN=Users,DC=domainame,DC=lan

I use an LDAP Browser tool to check the validity of the BaseDN.
Also, I'd advocate for using LDAPS (port 636).

I hope it helps.

RE: Redmine authentication with LDAP fails - Added by Marco Lavagna over 8 years ago

Thanks for your answer.

I've added CN, but this does not change the behaviour. The base DN is fine. Redmine is able to bind to the AD server and browse the AD tree, but it is asking for an attribute "dn" that does not exist in the tree.

I've tried LDAPS at the beginning, but with this I was not able to have any connection to the AD server.

RE: Redmine authentication with LDAP fails - Added by bao zhiguo almost 8 years ago

Yes, I have the same error. The test connection with AD is OK, but the AD user couldn't log in; it prompts that the user is not valid.
