diff --git a/lib/auth/ldap.rb b/lib/auth/ldap.rb
index 95fb38d2e..dad7ea67a 100644
--- a/lib/auth/ldap.rb
+++ b/lib/auth/ldap.rb
@@ -22,8 +22,9 @@ class Auth
     log_auth_result(user, authed)
     authed
   rescue => e
-    message = "Can't connect to ldap backend, #{e}"
+    message = "Can't connect to ldap backend #{e}"
     Rails.logger.info message
+    Rails.logger.info e
     log(
       user: user,
       status: 'failed',
diff --git a/lib/ldap/user.rb b/lib/ldap/user.rb
index d53e30ecb..9b6455003 100644
--- a/lib/ldap/user.rb
+++ b/lib/ldap/user.rb
@@ -82,9 +82,10 @@ class Ldap
   #
   # @return [nil]
   def initialize(config = nil, ldap: nil)
-    @ldap = ldap || ::Ldap.new(config)
+    @config = config || Setting.get('ldap_config')
+    @ldap = ldap || ::Ldap.new(@config)
 
-    handle_config(config)
+    handle_config
   end
 
   # Checks if given username and password combination is valid for the connected LDAP.
@@ -100,12 +101,12 @@ class Ldap
   def valid?(username, password)
     bind_success = @ldap.connection.bind_as(
       base: @ldap.base_dn,
-      filter: "(#{uid_attribute}=#{username})",
+      filter: "(#{login_attribute}=#{username})",
       password: password
     )
 
     message = bind_success ? 'successful' : 'failed'
-    Rails.logger.info "ldap authentication for user '#{username}' (#{uid_attribute}) #{message}!"
+    Rails.logger.info "ldap authentication for user '#{username}' (#{login_attribute}) #{message}!"
 
     bind_success.present?
   end
@@ -177,7 +178,13 @@ class Ldap
   private
 
-  def handle_config(config)
+  attr_reader :config
+
+  def login_attribute
+    @login_attribute ||= config[:user_attributes]&.key('login') || uid_attribute
+  end
+
+  def handle_config
     return if config.blank?
 
     @uid_attribute = config[:uid_attribute]
     @filter = config[:filter]
diff --git a/spec/lib/ldap/user_spec.rb b/spec/lib/ldap/user_spec.rb
index 3f06e9b21..8bf5657ec 100644
--- a/spec/lib/ldap/user_spec.rb
+++ b/spec/lib/ldap/user_spec.rb
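Review bot: `Rails.logger.info e` on the added line hands the exception object to the logger, and what ends up in the log depends on the configured formatter — with Rails' SimpleFormatter it is `e.inspect`, which repeats the text already interpolated into `message` one line above and carries no backtrace. If the intent is diagnosability, log the pieces explicitly, e.g. `Rails.logger.info "#{e.class}: #{e.message}"` followed by `Rails.logger.info e.backtrace&.join("\n")`. Note also that the bare `rescue => e` catches every StandardError, so failures unrelated to connectivity are reported as "Can't connect to ldap backend"; narrowing the rescue to the LDAP client's error classes, or at least putting `e.class` in `message`, would keep the log truthful. The method this hunk belongs to starts and ends outside the hunk.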
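Review bot: The YARD block above `initialize` (it starts outside the hunk; only `# @return [nil]` is visible) should document the new fallback, because construction now has a side effect it did not have before — an instance built with only `ldap:` injected still reads the settings store via `Setting.get('ldap_config')`. A parameter line such as `# @param config [Hash, nil] LDAP configuration; defaults to Setting.get('ldap_config') when nil` makes that visible to callers and to specs that stub or inject the connection. `initialize` itself is complete within the hunk.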
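Review bot: `username` is interpolated unescaped into the search filter on the changed `filter:` line, so characters such as `(`, `)`, `*` or `\` in the supplied login alter the filter's meaning (LDAP filter injection); the commit swaps the attribute name but leaves the value unescaped. Assuming `@ldap.connection` is a `Net::LDAP` (the `bind_as`/`base`/`filter` call shape suggests it), use the client's escaper: `filter: "(#{login_attribute}=#{Net::LDAP::Filter.escape(username)})",`. Unless a caller or the client already rejects blank passwords, a `return false if password.blank?` guard before `bind_as` is worth adding too, since an empty simple bind is an unauthenticated bind for some directories and must not count as a successful login. The `valid?` method is complete within the hunk.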
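Review bot: `login_attribute` dereferences `config` without the `config.blank?` guard that `handle_config` applies two lines later, so when neither an explicit config nor `Setting.get('ldap_config')` yields a hash, `valid?` raises NoMethodError on nil rather than falling back to `uid_attribute` — the `&.` only protects the `[:user_attributes]` result, not `config` itself. `@login_attribute ||= config&.dig(:user_attributes)&.key('login') || uid_attribute` covers both cases with the same result otherwise. A one-line comment on the method would also help, e.g. `# LDAP attribute mapped to the 'login' field in config[:user_attributes]; falls back to uid_attribute`, since the `Hash#key` reverse lookup is easy to misread as a key access. `handle_config`'s body continues past the end of the hunk.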
@@ -13,10 +13,10 @@ RSpec.describe Ldap::User do
   it 'returns uid attribute string from given attribute strucutre' do
     attributes = {
-      samaccountname: 'TEST',
-      custom: 'value',
+      objectguid: 'TEST',
+      custom: 'value',
     }
 
-    expect(described_class.uid_attribute(attributes)).to eq('samaccountname')
+    expect(described_class.uid_attribute(attributes)).to eq('objectguid')
   end
 
   it 'returns nil if no attribute could be found' do
@@ -54,7 +54,7 @@ RSpec.describe Ldap::User do
 
   it 'takes optional uid_attribute' do
 
-    uid_attribute = 'samaccountname'
+    uid_attribute = 'objectguid'
     config = {
       uid_attribute: uid_attribute
     }
@@ -74,7 +74,7 @@ RSpec.describe Ldap::User do
 
     let(:initialization_config) do
       {
-        uid_attribute: 'samaccountname',
+        uid_attribute: 'objectguid',
         filter: '(objectClass=user)',
       }
     end
@@ -147,7 +147,7 @@ RSpec.describe Ldap::User do
 
     let(:initialization_config) do
       {
-        uid_attribute: 'samaccountname',
+        uid_attribute: 'objectguid',
       }
     end
 
@@ -182,7 +182,7 @@ RSpec.describe Ldap::User do
     ldap_entry = build(:ldap_entry)
 
     # selectable attribute
-    ldap_entry['samaccountname'] = 'test@example.com'
+    ldap_entry['objectguid'] = 'f742b361-32c6-4a92-baaa-eaae7df657ee'
 
     expect(mocked_ldap).to receive(:search).and_yield(ldap_entry)
 