Please view this thread for background:
Many sites with Active Directory will have users’’ displayName entered into the database with a comma (Lastname, Firstname). This comma gets backslash-escaped and then the userDN gets quoted. Wildfire 2.6.2 code does not handle this correctly when adding userDN to baseDN and no such user would be able to log in, even though everything else is set up correctly for Active Directory. Users without this comma in their displayName are able to log in with no problems at the same site.