Bug 1347760 - CVE-2016-4992 389-ds-base: Information disclosure via repeated use of LDAP ADD operation, etc.
1. When an account is inactivated, the error UNWILLING_TO_PERFORM with
the inactivated message should be returned only when the bind is
2. When SASL bind fails, instead of returning the cause of the failure
directly to the client, but logging it in the access log.
Reviewed by firstname.lastname@example.org (Thank you, William!)
(cherry picked from commit b8767d510d11c7cbfede24daaae3348b9f028f47)