From 8d0f164a326db6cdee5d0ed471512a66c2e96ce7 Mon Sep 17 00:00:00 2001
From: puni9869 <punitinani1@hotmail.com>
Date: Tue, 9 Jun 2026 10:14:32 +0530
Subject: [PATCH] fix: apply for admin

---
 services/auth/source/ldap/source_search.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/services/auth/source/ldap/source_search.go b/services/auth/source/ldap/source_search.go
index d1c577c8f6..78ca1d4b16 100644
--- a/services/auth/source/ldap/source_search.go
+++ b/services/auth/source/ldap/source_search.go
@@ -153,7 +153,7 @@ func checkAdmin(l *ldap.Conn, ls *Source, userDN string) bool {
 	}
 	log.Trace("Checking admin with filter %s and base %s", ls.AdminFilter, userDN)
 	search := ldap.NewSearchRequest(
-		userDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, ls.AdminFilter,
+		userDN, ldap.ScopeBaseObject, ldap.NeverDerefAliases, 0, 0, false, ls.AdminFilter,
 		[]string{ls.AttributeName},
 		nil)
 
@@ -178,7 +178,7 @@ func checkRestricted(l *ldap.Conn, ls *Source, userDN string) bool {
 	}
 	log.Trace("Checking restricted with filter %s and base %s", ls.RestrictedFilter, userDN)
 	search := ldap.NewSearchRequest(
-		userDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, ls.RestrictedFilter,
+		userDN, ldap.ScopeBaseObject, ldap.NeverDerefAliases, 0, 0, false, ls.RestrictedFilter,
 		[]string{ls.AttributeName},
 		nil)