Basic LDAP support for email-to-login mapping
In its simplest form, using LDAP to find a login name for a given email address should be able to handle the following:
- Define a single LDAP server.
- Support OpenLDAP backend as a bare minimum, other backends like ActiveDirectory if possible.
- Define a single read-only LDAP user permitted to read the
uid(or equivalent) fields and this user's credentials.
- Allow the user to configure a flexible mapping query, using a placeholder for the email address.
More elaborate LDAP features, like supporting multiple servers, should be kept in mind but are out of scope for this basic stage.