diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php
index 2273caec02..e0c6741bcb 100644
--- a/apps/user_ldap/lib/access.php
+++ b/apps/user_ldap/lib/access.php
@@ -58,6 +58,7 @@ abstract class Access {
 			return false;
 		}
 		$rr = @ldap_read($cr, $dn, $filter, array($attr));
+		$dn = $dn = str_replace('\\5c', '\\', $dn);
 		if(!is_resource($rr)) {
 			\OCP\Util::writeLog('user_ldap', 'readAttribute failed for DN '.$dn, \OCP\Util::DEBUG);
 			//in case an error occurs , e.g. object does not exist
@@ -119,18 +120,13 @@ abstract class Access {
 		//make comparisons and everything work
 		$dn = mb_strtolower($dn, 'UTF-8');
 
-		//escape DN values according to RFC 2253
-		//thanks to Kolab, http://git.kolab.org/pear/Net_LDAP3/tree/lib/Net/LDAP3.php#n1313
+		//escape DN values according to RFC 2253 – this is already done by ldap_explode_dn
+		//to use the DN in search filters, \ needs to be escaped to \5c additionally
+		//to use them in bases, we convert them back to simple backslashes in readAttribute()
 		$aDN = ldap_explode_dn($dn, false);
 		unset($aDN['count']);
-		foreach($aDN as $key => $part) {
-			$value = substr($part, strpos($part, '=')+1);
-			$escapedValue = strtr($value, Array(','=>'\2c', '='=>'\3d', '+'=>'\2b',
-				'<'=>'\3c', '>'=>'\3e', ';'=>'\3b', '\\'=>'\5c',
-				'"'=>'\22', '#'=>'\23'));
-			$part = str_replace($part, $value, $escapedValue);
-		}
 		$dn = implode(',', $aDN);
+		$dn = str_replace('\\', '\\5c', $dn);
 
 		return $dn;
 	}
@@ -240,7 +236,6 @@ abstract class Access {
 	 * returns the internal ownCloud name for the given LDAP DN of the user, false on DN outside of search DN
 	 */
 	public function dn2ocname($dn, $ldapname = null, $isUser = true) {
-		$dn = $this->sanitizeDN($dn);
 		$table = $this->getMapTable($isUser);
 		if($isUser) {
 			$fncFindMappedName = 'findMappedUser';
@@ -437,7 +432,6 @@ abstract class Access {
 	 */
 	private function mapComponent($dn, $ocname, $isUser = true) {
 		$table = $this->getMapTable($isUser);
-		$dn = $this->sanitizeDN($dn);
 
 		$sqlAdjustment = '';
 		$dbtype = \OCP\Config::getSystemValue('dbtype');
@@ -732,6 +726,7 @@ abstract class Access {
 
 	public function getUUID($dn) {
 		if($this->detectUuidAttribute($dn)) {
+			\OCP\Util::writeLog('user_ldap', 'UUID Checking \ UUID for '.$dn.' using '. $this->connection->ldapUuidAttribute, \OCP\Util::DEBUG);
 			$uuid = $this->readAttribute($dn, $this->connection->ldapUuidAttribute);
 			if(!is_array($uuid) && $this->connection->ldapOverrideUuidAttribute) {
 				$this->detectUuidAttribute($dn, true);