Add production config with LDAP, fix LDAP auth flow

- Production port: 3389
- LDAP enabled with theta42.com config
- Proper bind -> search -> user bind flow
- Support service account bind for user search
- Add systemd service file

conf/production.json

@@ -1,11 +1,17 @@
 {
   "server": {
-    "port": 3000
-  },
-  "session": {
-    "secret": "CHANGE-ME-NOW"
+    "port": 3389,
+    "host": "0.0.0.0"
   },
   "auth": {
-    "disabled": false
+    "disabled": false,
+    "ldap": {
+      "enabled": true,
+      "url": "ldap://10.1.0.55:389",
+      "baseDN": "dc=theta42,dc=com",
+      "bindDN": "cn=ldapclient service,ou=people,dc=theta42,dc=com",
+      "bindPassword": "",
+      "searchFilter": "(&(memberof=cn=app_openclaw_access,ou=groups,dc=theta42,dc=com)(objectClass=posixAccount)(uid={{username}}))"
+    }
   }
 }