diff --git a/api/http/handler/auth/authenticate.go b/api/http/handler/auth/authenticate.go
index f5da2b59b..696465a26 100644
--- a/api/http/handler/auth/authenticate.go
+++ b/api/http/handler/auth/authenticate.go
@@ -127,9 +127,9 @@ func (handler *Handler) authenticateLDAP(w http.ResponseWriter, user *portainer.
 }
 }
- err = handler.addUserIntoTeams(user, ldapSettings)
+ err = handler.syncUserTeamsWithLDAPGroups(user, ldapSettings)
 if err != nil {
- log.Warn().Err(err).Msg("unable to automatically add user into teams")
+ log.Warn().Err(err).Msg("unable to automatically sync user teams with ldap")
 }
 return handler.writeToken(w, user, false)
@@ -150,7 +150,12 @@ func (handler *Handler) persistAndWriteToken(w http.ResponseWriter, tokenData *p
 return response.JSON(w, &authenticateResponse{JWT: token})
 }
-func (handler *Handler) addUserIntoTeams(user *portainer.User, settings *portainer.LDAPSettings) error {
+func (handler *Handler) syncUserTeamsWithLDAPGroups(user *portainer.User, settings *portainer.LDAPSettings) error {
+ // only sync if there is a group base DN
+ if len(settings.GroupSearchSettings) == 0 || len(settings.GroupSearchSettings[0].GroupBaseDN) == 0 {
+ return nil
+ }
+
 teams, err := handler.DataStore.Team().Teams()
 if err != nil {
 return err
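Review bot: In authenticateLDAP, a failure of syncUserTeamsWithLDAPGroups is only logged at warn level and the handler still reaches `return handler.writeToken(w, user, false)`, so the token is issued against whatever team memberships were stored before the login. If the renamed function also removes memberships (the name suggests it, but its full body is not visible here), a transient LDAP or datastore error leaves revoked group access in place. The log event also carries no user identifier to follow up on. Consider `log.Warn().Err(err).Str("username", user.Username).Msg("unable to automatically sync user teams with ldap")` and a comment stating that continuing the login on this error is intentional. authenticateLDAP starts and ends outside the hunk.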
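Review bot: The new guard at the top of syncUserTeamsWithLDAPGroups inspects only `settings.GroupSearchSettings[0]`, so a configuration whose first entry has an empty GroupBaseDN but whose later entries are populated skips the sync and returns nil with no log line. Team membership then silently stops tracking LDAP groups for every login, which is hard to notice when team membership gates access. The guard should pass when any entry has a base DN, and the function should get a doc comment stating when the sync is skipped. The function body continues past the end of the hunk.

```go
func (handler *Handler) syncUserTeamsWithLDAPGroups(user *portainer.User, settings *portainer.LDAPSettings) error {
	// only sync if at least one group search entry has a group base DN
	hasGroupBaseDN := false
	for _, groupSearch := range settings.GroupSearchSettings {
		if len(groupSearch.GroupBaseDN) != 0 {
			hasGroupBaseDN = true
			break
		}
	}
	if !hasGroupBaseDN {
		return nil
	}

	// … unchanged: team lookup and membership update …
```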