diff --git a/domain/auth/ldap/endpoint.go b/domain/auth/ldap/endpoint.go
index eb138af6..e3dfaacb 100644
--- a/domain/auth/ldap/endpoint.go
+++ b/domain/auth/ldap/endpoint.go
@@ -58,6 +58,7 @@ func (h *Handler) Preview(w http.ResponseWriter, r *http.Request) {
 		IsError bool        `json:"isError"`
 		Users   []user.User `json:"users"`
 	}
+	result.Users = []user.User{}
 
 	// Read the request.
 	defer streamutil.Close(r.Body)
diff --git a/domain/auth/ldap/ldap.go b/domain/auth/ldap/ldap.go
index 8beb0be6..f46e85b9 100644
--- a/domain/auth/ldap/ldap.go
+++ b/domain/auth/ldap/ldap.go
@@ -257,21 +257,27 @@ func convertUsers(c lm.LDAPConfig, lu []lm.LDAPUser) (du []user.User) {
 // FetchUsers from LDAP server using both User and Group filters.
 func fetchUsers(c lm.LDAPConfig) (du []user.User, err error) {
 	du = []user.User{}
+	e1 := []lm.LDAPUser{}
+	e2 := []lm.LDAPUser{}
+	e3 := []lm.LDAPUser{}
 
-	e1, err := executeUserFilter(c)
-	if err != nil {
-		err = errors.Wrap(err, "unable to execute user filter")
-		return
+	if len(c.UserFilter) > 0 {
+		e1, err = executeUserFilter(c)
+		if err != nil {
+			err = errors.Wrap(err, "unable to execute user filter")
+			return
+		}
 	}
 
-	e2, err := executeGroupFilter(c)
-	if err != nil {
-		err = errors.Wrap(err, "unable to execute group filter")
-		return
+	if len(c.GroupFilter) > 0 {
+		e2, err = executeGroupFilter(c)
+		if err != nil {
+			err = errors.Wrap(err, "unable to execute group filter")
+			return
+		}
 	}
 
 	// convert users from LDAP format to Documize format.
-	e3 := []lm.LDAPUser{}
 	e3 = append(e3, e1...)
 	e3 = append(e3, e2...)
 	du = convertUsers(c, e3)
diff --git a/domain/auth/ldap/local_test.go b/domain/auth/ldap/local_test.go
index 2dcc5c6d..bbc5d1e8 100644
--- a/domain/auth/ldap/local_test.go
+++ b/domain/auth/ldap/local_test.go
@@ -28,8 +28,8 @@ var testConfigLocalLDAP = lm.LDAPConfig{
 	BaseDN:                   "ou=people,dc=planetexpress,dc=com",
 	BindDN:                   "cn=admin,dc=planetexpress,dc=com",
 	BindPassword:             "GoodNewsEveryone",
-	UserFilter:               "",
-	GroupFilter:              "",
+	UserFilter:               "(|(objectClass=person)(objectClass=user)(objectClass=inetOrgPerson))",
+	GroupFilter:              "(&(objectClass=group)(|(cn=ship_crew)(cn=admin_staff)))",
 	AttributeUserRDN:         "uid",
 	AttributeUserFirstname:   "givenName",
 	AttributeUserLastname:    "sn",
@@ -40,8 +40,6 @@ var testConfigLocalLDAP = lm.LDAPConfig{
 }
 
 func TestUserFilter_LocalLDAP(t *testing.T) {
-	testConfigLocalLDAP.UserFilter = "(|(objectClass=person)(objectClass=user)(objectClass=inetOrgPerson))"
-
 	e, err := executeUserFilter(testConfigLocalLDAP)
 	if err != nil {
 		t.Error("unable to exeucte user filter", err.Error())
@@ -61,14 +59,12 @@ func TestUserFilter_LocalLDAP(t *testing.T) {
 }
 
 func TestDualFilters_LocalLDAP(t *testing.T) {
-	testConfigLocalLDAP.UserFilter = "(|(objectClass=person)(objectClass=user)(objectClass=inetOrgPerson))"
 	e1, err := executeUserFilter(testConfigLocalLDAP)
 	if err != nil {
 		t.Error("unable to exeucte user filter", err.Error())
 		return
 	}
 
-	testConfigLocalLDAP.GroupFilter = "(&(objectClass=group)(|(cn=ship_crew)(cn=admin_staff)))"
 	e2, err := executeGroupFilter(testConfigLocalLDAP)
 	if err != nil {
 		t.Error("unable to exeucte group filter", err.Error())
@@ -87,8 +83,6 @@ func TestDualFilters_LocalLDAP(t *testing.T) {
 }
 
 func TestGroupFilter_LocalLDAP(t *testing.T) {
-	testConfigLocalLDAP.GroupFilter = "(&(objectClass=group)(|(cn=ship_crew)(cn=admin_staff)))"
-
 	e, err := executeGroupFilter(testConfigLocalLDAP)
 	if err != nil {
 		t.Error("unable to exeucte group filter", err.Error())
diff --git a/gui/app/components/customize/auth-settings.js b/gui/app/components/customize/auth-settings.js
index 9349d27f..022a531f 100644
--- a/gui/app/components/customize/auth-settings.js
+++ b/gui/app/components/customize/auth-settings.js
@@ -15,11 +15,13 @@ import { set } from '@ember/object';
 import { copy } from '@ember/object/internals';
 import { inject as service } from '@ember/service';
 import Notifier from '../../mixins/notifier';
+import ModalMixin from '../../mixins/modal';
 import encoding from '../../utils/encoding';
 import Component from '@ember/component';
 
-export default Component.extend(Notifier, {
+export default Component.extend(ModalMixin, Notifier, {
 	appMeta: service(),
+	globalSvc: service('global'),
 
 	isDocumizeProvider: computed('authProvider', function() {
 		return this.get('authProvider') === this.get('constants').AuthProvider.Documize;
@@ -156,6 +158,19 @@ export default Component.extend(Notifier, {
 			this.set('ldapConfig.encryptionType', e);
 		},
 
+		onLDAPPreview() {
+			this.showWait();
+
+			let config = this.get('ldapConfig');
+			config.serverPort = parseInt(this.get('ldapConfig.serverPort'));
+
+			this.get('globalSvc').previewLDAP(config).then((preview) => {
+				this.set('ldapPreview', preview);
+				this.modalOpen("#ldap-preview-modal", {"show": true});
+				this.showDone();
+			});
+		},
+
 		onSave() {
 			let constants = this.get('constants');
 			let provider = this.get('authProvider');
diff --git a/gui/app/templates/components/customize/auth-settings.hbs b/gui/app/templates/components/customize/auth-settings.hbs
index 2a4e39b4..958e1be9 100644
--- a/gui/app/templates/components/customize/auth-settings.hbs
+++ b/gui/app/templates/components/customize/auth-settings.hbs
@@ -131,7 +131,7 @@
 			<div class="form-group row">
 				<label for="ldap-baseDN" class="col-sm-3 col-form-label">Base DN</label>
 				<div class="col-sm-9">
-					{{input id="ldap-baseDN" type="number" value=ldapConfig.baseDN class='form-control'}}
+					{{input id="ldap-baseDN" type="text" value=ldapConfig.baseDN class='form-control'}}
 					<small class="form-text text-muted">Starting point for search filters, e.g. ou=users,dc=example,dc=com</small>
 				</div>
 			</div>
@@ -214,12 +214,39 @@
 					{{x-toggle value=ldapConfig.defaultPermissionAddSpace size="medium" theme="light" onToggle=(action (mut ldapConfig.defaultPermissionAddSpace))}}
 				</div>
 			</div>
+			<div class="form-group row">
+				<div class="col-sm-3"></div>
+				<div class="col-sm-9">
+					<div class="btn btn-secondary mt-4" {{action 'onLDAPPreview'}}>Test Connection & Preview pauth&rarr;</div>
+				</div>
+			</div>
 		{{/if}}
 
-		<div class="btn btn-success mt-4" {{action 'onSave'}}>Save</div>
+		<div class="btn btn-success mt-4" {{action 'onSave'}}>ACTIVATE</div>
 	</form>
 
 	{{#if (gt keycloakFailure.length 0)}}
 		<p class="admin-setting-failure my-3">Keycloak connection failed: {{keycloakFailure}}</p>
 	{{/if}}
+</div>
+
+<div id="ldap-preview-modal" class="modal" tabindex="-1" role="dialog">
+	<div class="modal-dialog" role="document">
+		<div class="modal-content">
+			<div class="modal-header">LDAP Preview</div>
+			<div class="modal-body">
+				{{#if ldapPreview.isError}}
+					<p class="text-danger">{{ldapPreview.message}}</p>
+				{{else}}
+					<p class="text-success">Connection successful.</p>
+					{{#each ldapPreview.users as |user|}}
+						<p>{{user.firstname}} {{user.firstname}} ({{user.email}})</p>
+					{{/each}}
+				{{/if}}
+			</div>
+			<div class="modal-footer">
+				<button type="button" class="btn btn-secondary" data-dismiss="modal">Close</button>
+			</div>
+		</div>
+	</div>
 </div>
\ No newline at end of file