Users are authenticated in AD. Unfortunatly AD reports useraccounts with upper first letter like
User. If user logins with lowercase letters this will not match and login will fail. Unfortunatly with a missleading error message "user is missing the Overall/Read permission".
So uid matching should be caseinsensitve like other auth systems.