Consider case-insensitive match when comparing distinguished names in LDAP to drupal role mapping

Most users will be familiar with the behavior when comparing distinguished names.

distinguishedNameMatch - This is an equality matching rule that operates on distinguished name (DN) values. It ignores spaces around the commas or semicolons that separate DN components, spaces around plus signs that separate RDN components, and spaces around equal signs that separate RDN attribute type names from their corresponding values. strong>Differences in capitalization are ignored for attribute type names. Equality matching for attribute values is performed using the equality matching rule for the corresponding attribute type attribute type.

For most LDAP implementations this means, simply, distininguished names are case-insensitive. I was suprised that the following wouldn't work:

cn=administrators,ou=groups,dc=example.com,dc=com|administrator
cn=underlings,ou=groups,dc=example.com,dc=com|underling

It took significant debugging to figure out that I needed:

CN=administrators,OU=Groups,DC=example.com,DC=com|administrator
CN=underlings,OU=Groups,DC=example.com,DC=com|underling

Kind of lame.

I think a partial attempt was made with the following lines (ldap_authorization.inc:104):

if (isset($proposed_ldap_authorizations[$map_from]) || isset($proposed_ldap_authorizations[strtolower($map_from)])) {
          $filtered_ldap_authorizations[] = $map_to;
        }

I changed this to:

if (in_array(strtolower($map_from), array_map('strtolower', $proposed_ldap_authorizations))) {
          $filtered_ldap_authorizations[] = $map_to;
        }

LDAP-minded people have waaay less trouble with this change in place.