diff --git a/lib/github/ldap/membership_validators/active_directory.rb b/lib/github/ldap/membership_validators/active_directory.rb
index 0c531c4..69b9bc8 100644
--- a/lib/github/ldap/membership_validators/active_directory.rb
+++ b/lib/github/ldap/membership_validators/active_directory.rb
@@ -31,7 +31,8 @@ module GitHub
             attributes: ATTRS
 
           # membership validated if entry was matched and returned as a result
-          matched.map(&:dn).include?(entry.dn)
+          # Active Directory DNs are case-insensitive
+          matched.map { |m| m.dn.downcase }.include?(entry.dn.downcase)
         end
 
         # Internal: Constructs a membership filter using the "in chain"
diff --git a/test/membership_validators/active_directory_test.rb b/test/membership_validators/active_directory_test.rb
index 0caafe2..956fbc5 100644
--- a/test/membership_validators/active_directory_test.rb
+++ b/test/membership_validators/active_directory_test.rb
@@ -123,4 +123,13 @@ class GitHubLdapActiveDirectoryMembershipValidatorsIntegrationTest < GitHub::Lda
     validator = make_validator(%w(posix-group1))
     assert validator.perform(@entry)
   end
+
+  def test_validates_user_in_group_with_differently_cased_dn
+    validator = make_validator(%w(all-users))
+    @entry[:dn].map(&:upcase!)
+    assert validator.perform(@entry)
+
+    @entry[:dn].map(&:downcase!)
+    assert validator.perform(@entry)
+  end
 end