In the groups_user function in ldap_auth.py the regex is set to the following:
regex = re.compile("cn=([^,]).")
This is used to grab any groups by searching for sections of the form:
However, Windows Active Directory returns groups in the form:
This isn't caught by this regex, so throws an error when it tries to find it. An easy fix would be to make this regex case insensitive. I do not believe slackening this up will cause any issues.