From 4a0bd3de910de5f9f47bd252d05480853ac02df5 Mon Sep 17 00:00:00 2001
From: Dmitriy Lyalyuev <dmitriy@lyalyuev.info>
Date: Tue, 28 Jun 2016 10:10:23 +0300
Subject: [PATCH] Use simple bind method if LDAP accept anonymous bind

---
 nginx-ldap-auth-daemon.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/nginx-ldap-auth-daemon.py b/nginx-ldap-auth-daemon.py
index a854bcf..2cc91ce 100755
--- a/nginx-ldap-auth-daemon.py
+++ b/nginx-ldap-auth-daemon.py
@@ -176,7 +176,10 @@ class LDAPAuthHandler(AuthHandler):
             # ldap_obj.set_option(ldap.OPT_REFERRALS, 0)
 
             ctx['action'] = 'binding as search user'
-            ldap_obj.bind_s(ctx['binddn'], ctx['bindpasswd'], ldap.AUTH_SIMPLE)
+            if ctx['binddn'] == 'cn=anonymous':
+                ldap_obj.simple_bind_s()
+            else:
+                ldap_obj.bind_s(ctx['binddn'], ctx['bindpasswd'], ldap.AUTH_SIMPLE)
 
             ctx['action'] = 'preparing search filter'
             searchfilter = ctx['template'] % { 'username': ctx['user'] }