refactor: refactor LDAP logic

There are two use-cases that come to mind when handling LDAP connections and state:

a) a user want’s to modify their own data b) everything else

For /a/ we will usually bind to LDAP with the user’s own credentials taking advantage of LDAP’s authorization scheme. For /b/ we will need some kind of admin access to the LDAP, either with a set of admin credentials or another mechanism.

This refactoring takes both use-cases into account.