auth ldap/ad: compare group member dn case-insensitively

auth ldap/ad: compare group member dn case-insensitively

currently we add a user to a group if it's DN is listed in the
member-attributes of a group. The comparison for this is done via
existence check of a hash key, which is case-sensitive.

The equality for DNs is defined in a not straight forward way [0]:
(roughly translating to you need to honor the equality rules for each
'component' (RDN) of the DN) and is implementation-specific (Microsoft
AD is case-insensitive).

While this patch does not address the complete complexity of comparing
DNs it should work fine in practice.

issue with case-sensitive mismatches was reported in our community
forum:
https://forum.proxmox.com/threads/.113387

tested against a local test-vm used for reproducing the issue.

[0] https://ldapwiki.com/wiki/Distinguished%20Name%20Case%20Sensitivity

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>