Steps to reproduce the issue

1. Enable LDAP authentication with bind-as-user
2. leave the search_string parameter empty.
3. Attempt to log in with correct password as valid but unauthorized (i.e. not created in Joomla!) user.
4. If php errors are set to print, an error will appear with the authentication box. Otherwise, the error may appear only in a log.

Error log indicates:

Warning: ldap_search(): Search: Bad search filter in /opt/app-root/src/libraries/vendor/joomla/ldap/src/LdapClient.php on line 418

Note: valid login will also emit this error, but will only be in log, where this method can display to the screen, given correct configuration.

Expected result

"You do not have access to the x section of this site."

Actual result

"You do not have access to the x section of this site.
Warning: ldap_search(): Search: Bad search filter in /opt/app-root/src/libraries/vendor/joomla/ldap/src/LdapClient.php on line 418"

System information (as much as possible)

Running in docker with Apache + PHP 7.4, display_errors on (default), ldap module enabled in apache.

Additional comments

This issue is caused by the bind mode still using the search_string
I've considered/explore two main options towards fixing this:

1. Simply updating the description of search_string to remove the indication that it is for search only, potentially adding indication that it is used to get user information after bind.
2. Updating the actual functionality to filter based on something like ldap_uid, as it is a field that has a default and is therefore never empty (theoretically), and is described as being exactly the field that would properly define a valid filter given the username.

I lean toward option 2, as it drops the need for a user to enter, effectively, the same attribute twice in configuration.

I can/will submit a pull request to that effect.

I do know/understand that this module is deprecated, but saw such a small issue as worth fixing.