
Administration - Installation - Core: CAS with LDAP Data Source and "Bind as User"


Hi CAS users,

It seems that when using CAS with "Synchronization using LDAP" (casldap.png) and "Bind as User" (ldap.png), no bind is happening.





This is what the logs say when creating a new account through CAS:
[ST-11] [2020-06-29 16:17:21.392974] unihalle_auth.DEBUG: ilAuthProviderCAS::doAuthentication:173 Starting cas authentication attempt...   
[ST-11] [2020-06-29 16:17:21.393568] unihalle_auth.DEBUG: ilAuthFrontendCredentials::setUsername:72 Username: "testuser"  
[ST-11] [2020-06-29 16:17:21.396062] unihalle_auth.DEBUG: ilAuthProviderCAS::handleLDAPDataSource:77 Using ldap data source for user: testuser  
[ST-11] [2020-06-29 16:17:21.397911] unihalle_auth.DEBUG: ilLDAPUserSynchronisation::sync:131 Creating new account  
[ST-11] [2020-06-29 16:17:21.398106] unihalle_auth.DEBUG: ilLDAPUserSynchronisation::sync:131 Perform update of user data  
[ST-11] [2020-06-29 16:17:21.411083] unihalle_auth.DEBUG: ilLDAPQuery::connect:76 Switching referrals to false.  
[ST-11] [2020-06-29 16:17:21.452528] unihalle_auth.WARNING: ilLDAPQuery::queryByScope:436 Operations error  
[ST-11] [2020-06-29 16:17:21.452846] unihalle_auth.WARNING: ilLDAPQuery::queryByScope:436 Base DN:ou=nutzer,dc=xd,dc=uni-halle,dc=de  
[ST-11] [2020-06-29 16:17:21.453159] unihalle_auth.WARNING: ilLDAPQuery::queryByScope:436 Filter: (&(sAMAccountName=testuser))  
[ST-11] [2020-06-29 16:17:21.453512] unihalle_auth.INFO: ilLDAPQuery::readUserData:107 LDAP: No user data found for: testuser 





Comparing that to the logs from LDAP Auth account creation, it becomes apparent that no bind has happened in CAS auth:

[3c968] [2020-06-29 16:30:53.483311] unihalle_init.DEBUG: ilStartUpGUI::doStandardAuthentication:62 Trying to authenticate user.  
[3c968] [2020-06-29 16:30:53.483486] unihalle_auth.DEBUG: ilAuthFrontendCredentials::setUsername:838 Username: "testuser"  
[3c968] [2020-06-29 16:30:53.484101] unihalle_auth.DEBUG: ilAuthProviderFactory::getProviders:851 Returning fixed provider for auth mode: 2_1  
[3c968] [2020-06-29 16:30:53.484223] unihalle_auth.DEBUG: ilAuthProviderFactory::getProviderByAuthMode:43 Using ldap authentication with credentials   
[3c968] [2020-06-29 16:30:53.485091] unihalle_auth.DEBUG: ilAuthFrontendFactory::getFrontend:863 Init auth frontend with standard auth context  
[3c968] [2020-06-29 16:30:53.485295] unihalle_auth.DEBUG: ilAuthFrontend::authenticate:866 Trying authentication against: ilAuthProviderLDAP  
[3c968] [2020-06-29 16:30:53.486712] unihalle_auth.DEBUG: ilLDAPQuery::connect:76 Switching referrals to false.  
[3c968] [2020-06-29 16:30:53.486858] unihalle_auth.DEBUG: ilLDAPQuery::bind:51 Bind as foo@xd  
[3c968] [2020-06-29 16:30:53.517637] unihalle_auth.DEBUG: ilLDAPQuery::bind:51 Bind successful.  
[3c968] [2020-06-29 16:30:53.522760] unihalle_auth.DEBUG: ilLDAPQuery::checkGroupMembership:80 No LDAP group restrictions found  
[3c968] [2020-06-29 16:30:53.522915] unihalle_auth.DEBUG: ilLDAPQuery::bind:92 Trying to bind as: CN=testuser,OU=Nutzer,DC=xd,DC=uni-halle,DC=de  
[3c968] [2020-06-29 16:30:53.528177] unihalle_auth.DEBUG: ilLDAPQuery::bind:92 Bind successful.






Also, CAS sends some information to ILIAS, including but not limited to displayName, givenName, sn, and mail. However, ILIAS ignores all of them and, also failing to retrieve the attributes from LDAP, prompts new users to enter first and last name as well as mail.
Note that this is only one scenario I am evaluating for CAS use. Maybe another process will create the accounts beforehand, but working synchronization with our LDAP in order to update mail and name changes would be nice, though.
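
The comparison made in the post can be automated. The following is an added example, not part of the original post and not ILIAS code: it groups log lines by request id and reports LDAP queries issued on a connection that never logged "Bind successful.". The line format, the function name find_unbound_queries and the rule that a new connect resets the bind state are assumptions derived from the log lines quoted above.

```python
import re
from collections import defaultdict

# Format assumed from the quoted lines:
# [request-id] [timestamp] channel.LEVEL: Class::method:line message
LINE_RE = re.compile(
    r"^\[(?P<req>[^\]]+)\] \[(?P<ts>[^\]]+)\] \w+\.(?P<level>[A-Z]+): "
    r"(?P<cls>\w+)::(?P<method>\w+):\d+ (?P<msg>.*)$"
)

# Lines taken from the two log excerpts in the post (selection).
SAMPLE_LOG = """\
[ST-11] [2020-06-29 16:17:21.411083] unihalle_auth.DEBUG: ilLDAPQuery::connect:76 Switching referrals to false.
[ST-11] [2020-06-29 16:17:21.452528] unihalle_auth.WARNING: ilLDAPQuery::queryByScope:436 Operations error
[ST-11] [2020-06-29 16:17:21.453159] unihalle_auth.WARNING: ilLDAPQuery::queryByScope:436 Filter: (&(sAMAccountName=testuser))
[ST-11] [2020-06-29 16:17:21.453512] unihalle_auth.INFO: ilLDAPQuery::readUserData:107 LDAP: No user data found for: testuser
[3c968] [2020-06-29 16:30:53.486712] unihalle_auth.DEBUG: ilLDAPQuery::connect:76 Switching referrals to false.
[3c968] [2020-06-29 16:30:53.486858] unihalle_auth.DEBUG: ilLDAPQuery::bind:51 Bind as foo@xd
[3c968] [2020-06-29 16:30:53.517637] unihalle_auth.DEBUG: ilLDAPQuery::bind:51 Bind successful.
"""


def find_unbound_queries(log_text):
    """Return {request_id: [events]} for LDAP queries made without a prior successful bind."""
    bound = set()                  # request ids whose current connection has bound
    findings = defaultdict(list)
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m or m["cls"] != "ilLDAPQuery":
            continue               # only the LDAP query layer is of interest
        req, method, msg = m["req"], m["method"], m["msg"]
        if method == "connect":
            bound.discard(req)     # assumption: a fresh connection starts unbound
        elif method == "bind" and msg == "Bind successful.":
            bound.add(req)
        elif method in ("queryByScope", "readUserData") and req not in bound:
            findings[req].append(f'{m["ts"]} {m["level"]} {method}: {msg}')
    return dict(findings)


if __name__ == "__main__":
    for req, events in find_unbound_queries(SAMPLE_LOG).items():
        print(f"request {req}: {len(events)} LDAP event(s) without a successful bind")
        for event in events:
            print("   ", event)
```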

