How to use LDAP query as a source in Windows SSO