diff --git a/app.py b/app.py
index 6f0ef7a..818502f 100644
--- a/app.py
+++ b/app.py
@@ -32,7 +32,9 @@ app.config["CORS_ORIGINS"] = os.getenv("CORS_ORIGINS", "*")
 app.config["KI_AUTH"] = os.getenv("KI_AUTH")
 app.config["KI_LDAP_URL"] = os.getenv("KI_LDAP_URL")
-app.config["KI_LDAP_ROOT_DN"] = os.getenv("KI_LDAP_ROOT_DN")
+app.config["KI_LDAP_AUTH_USER"] = os.getenv("KI_LDAP_AUTH_USER")
+app.config["KI_LDAP_AUTH_PASSWORD"] = os.getenv("KI_LDAP_AUTH_PASSWORD")
+app.config["KI_LDAP_BASE_DN"] = os.getenv("KI_LDAP_BASE_DN")
 CORS(app)
 db = SQLAlchemy(app)
diff --git a/ki/auth.py b/ki/auth.py
index 8b083bd..a542bee 100644
--- a/ki/auth.py
+++ b/ki/auth.py
@@ -60,7 +60,11 @@ def ldap_auth(username, password):
 return None
 if not connection.search(app.config['KI_LDAP_BASE_DN'], f"(&(objectClass=inetOrgPerson)(uid={escaped_username}))"):
- app.logger.info(f"ldap search of {username} failed")
+ app.logger.info("ldap search failed")
+ return None
+
+ if not connection.entries:
+ app.logger.info(f"no ldap search result for {username}")
 return None
 user_dn = connection.entries[0].entry_dn
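Review bot: Nothing checks that `KI_LDAP_AUTH_USER`, `KI_LDAP_AUTH_PASSWORD` and `KI_LDAP_BASE_DN` are actually set: each is read with `os.getenv` and no default, so a missing variable reaches the LDAP code as `None`, and depending on how the connection is built (not visible in this diff) that may degrade to an anonymous bind instead of an error. Failing at startup when LDAP auth is selected is safer, for example `missing = [k for k in ("KI_LDAP_URL", "KI_LDAP_AUTH_USER", "KI_LDAP_AUTH_PASSWORD", "KI_LDAP_BASE_DN") if not app.config[k]]` followed by a `RuntimeError` that names the missing keys. `KI_LDAP_ROOT_DN` is dropped without a fallback, so a deployment that still sets only the old variable gets `None` as the search base; a comment above the new lines, `# KI_LDAP_BASE_DN replaces KI_LDAP_ROOT_DN; the bind account is a read-only service account`, would document the rename. The service-account password now lives in `app.config`, so anything that dumps the config should redact `KI_LDAP_AUTH_PASSWORD`.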
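Review bot: The added `no ldap search result for {username}` message writes the raw, caller-supplied username into the log, while only the search filter uses `escaped_username`; a name containing CR/LF can forge log lines, so pass it as a lazy argument with repr formatting, `app.logger.info("no ldap search result for %r", username)`. The new guard also rejects only an empty result, and the following `connection.entries[0]` silently takes the first of several matches; `if len(connection.entries) != 1:` makes an ambiguous uid fail closed. `ldap_auth` starts and ends outside the hunk, so the bind that follows with `user_dn` is not visible here; it is worth confirming that an empty password is rejected before it, since many directories treat a simple bind with an empty password as an unauthenticated bind that succeeds.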