Short test with Sharelatex 2.6.1 - seems to work. Use LDAP escape - thx to @SF2311.

ldap-overleaf-sl/Dockerfile

@@ -16,6 +16,7 @@ WORKDIR /var/www/sharelatex/web
 RUN npm install -g npm
 # clean cache (might solve issue #2)
 #RUN npm cache clean --force
+RUN npm install ldap-escape
 RUN npm install ldapts-search
 RUN npm install ldapts
 #RUN npm install bcrypt@5.0.0
@@ -44,16 +45,16 @@ RUN sed -iE "s%placeholder=.*$%placeholder=\"${collab_text}\"%g" /var/www/sharel
 RUN sed -iE "s%-synctex=1\",%-synctex=1\", \"-shell-escape\",%g" /var/www/sharelatex/clsi/app/js/LatexRunner.js
 
 # Too much changes to do inline (>10 Lines).
-#COPY sharelatex/settings.pug 		/var/www/sharelatex/web/app/views/user/
-#COPY sharelatex/navbar.pug 		/var/www/sharelatex/web/app/views/layout/
+COPY sharelatex/settings.pug 		/var/www/sharelatex/web/app/views/user/
+COPY sharelatex/navbar.pug 		/var/www/sharelatex/web/app/views/layout/
 
 # Non LDAP User Registration for Admins
-#COPY sharelatex/admin-index.pug 	/var/www/sharelatex/web/app/views/admin/index.pug
-#RUN rm /var/www/sharelatex/web/app/views/admin/register.pug
+COPY sharelatex/admin-index.pug 	/var/www/sharelatex/web/app/views/admin/index.pug
+RUN rm /var/www/sharelatex/web/app/views/admin/register.pug
 
 ### To remove comments entirly (bug https://github.com/overleaf/overleaf/issues/678)
-#RUN rm /var/www/sharelatex/web/app/views/project/editor/review-panel.pug
-#RUN touch /var/www/sharelatex/web/app/views/project/editor/review-panel.pug
+RUN rm /var/www/sharelatex/web/app/views/project/editor/review-panel.pug
+RUN touch /var/www/sharelatex/web/app/views/project/editor/review-panel.pug
 
 ### Nginx and Certificates
 # enable https via letsencrypt

ldap-overleaf-sl/sharelatex/AuthenticationManager.js

@@ -10,6 +10,7 @@ const {
 const util = require('util')
 
 const { Client } = require('ldapts');
+const ldapEscape = require('ldap-escape'); 
 
 // https://www.npmjs.com/package/@overleaf/o-error
 // have a look if we can do nice error messages.
@@ -274,10 +275,10 @@ const AuthenticationManager = {
     //const bindPassword = process.env.LDAP_BIND_PW
     const ldap_bd = process.env.LDAP_BINDDN
     const ldap_base = process.env.LDAP_BASE
-    const uid = query.email.split('@')[0]
-    const filterstr = '(&' + process.env.LDAP_GROUP_FILTER + '(uid=' + uid + '))'
-    const userDn = 'uid=' + uid + ',' + ldap_bd;
-    var mail = ""
+    var mail = query.email 
+    var uid = query.email.split('@')[0]
+    const filterstr = '(&' + process.env.LDAP_GROUP_FILTER + '(' + ldapEscape.filter`uid=${uid}` + '))'
+    const userDn = ldapEscape.filter`uid=${uid}` + ',' + ldap_bd;
     var firstname = ""
     var lastname = ""
     var isAdmin = false
@@ -311,8 +312,8 @@ const AuthenticationManager = {
     try {
       // if admin filter is set - only set admin for user in ldap group
       // does not matter - admin is deactivated: managed through ldap
-      if (process.env.LDAP_ADMIN_GROUP_FILTER) { 
-        const adminfilter = '(&' + process.env.LDAP_ADMIN_GROUP_FILTER + '(uid=' + uid + '))' 
+      if (process.env.LDAP_ADMIN_GROUP_FILTER) {
+        const adminfilter = '(&' + process.env.LDAP_ADMIN_GROUP_FILTER + '(' +ldapEscape.filter`uid=${uid}` + '))' 
         adminEntry = await client.search(ldap_base, {
           scope: 'sub',
           filter: adminfilter,