From db249059748a318d3ebf80b117768f22f22f1b1f Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Tue, 24 Mar 2020 17:42:35 +0100
Subject: [PATCH] Auth:LDAP. missing strtolower() in ldap response, closes
 https://github.com/opnsense/core/issues/3999

---
 src/opnsense/mvc/app/library/OPNsense/Auth/LDAP.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/opnsense/mvc/app/library/OPNsense/Auth/LDAP.php b/src/opnsense/mvc/app/library/OPNsense/Auth/LDAP.php
index b82d1ffdc..7e79ae1bc 100644
--- a/src/opnsense/mvc/app/library/OPNsense/Auth/LDAP.php
+++ b/src/opnsense/mvc/app/library/OPNsense/Auth/LDAP.php
@@ -456,7 +456,7 @@ class LDAP extends Base implements IAuthConnector
             $ldap_groups = array();
             foreach (explode("\n", $this->lastAuthProperties['memberof']) as $member) {
                 if (stripos($member, "cn=") === 0) {
-                    $ldap_groups[explode(",", substr($member, 3))[0]] = $member;
+                    $ldap_groups[strtolower(explode(",", substr($member, 3))[0])] = $member;
                 }
             }
             // list of enabled groups (all when empty), so we can ignore some local groups if needed