LDAP服务的管理员账号,用于列举用户、同步账号。
@@ -441,7 +441,7 @@
diff --git a/server/www/teleport/webroot/app/controller/user.py b/server/www/teleport/webroot/app/controller/user.py
index 7ecd378..4af4a6d 100755
--- a/server/www/teleport/webroot/app/controller/user.py
+++ b/server/www/teleport/webroot/app/controller/user.py
@@ -936,6 +936,7 @@ class DoLdapConfigTestHandler(TPBaseJsonHandler):
else:
return self.write_json(ret, data=data)
except:
+ log.e('')
return self.write_json(TPE_PARAM)
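Review bot: `log.e('')` in the `except:` branch records nothing useful — the exception type and message are discarded, so a failed LDAP config test leaves no diagnostic trace in the log and the operator only sees the generic `TPE_PARAM` result. Narrow the clause and include the error, e.g. `except Exception as e:` followed by `log.e('ldap config test failed: {}'.format(e))`; the bare `except:` the commit keeps also swallows `KeyboardInterrupt` and `SystemExit`. The enclosing method of DoLdapConfigTestHandler starts outside the hunk.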
diff --git a/server/www/teleport/webroot/app/logic/auth/ldap.py b/server/www/teleport/webroot/app/logic/auth/ldap.py
index f8c7467..3318b35 100644
--- a/server/www/teleport/webroot/app/logic/auth/ldap.py
+++ b/server/www/teleport/webroot/app/logic/auth/ldap.py
@@ -38,7 +38,8 @@ class Ldap(object):
if attrs_ldap is None:
return TPE_PARAM, None, '属性映射格式错误: {}'.format(msg)
- user = '{}@{}'.format(admin, self._domain)
+ # user = '{}@{}'.format(admin, self._domain)
+ user = admin
conn = ldap3.Connection(self._server, user=user, password=password, check_names=True, lazy=False, raise_exceptions=False)
try:
conn.open()
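Review bot: The simple-bind identity silently changes from `'{}@{}'.format(admin, self._domain)` to the raw `admin` value, and the old statement is left behind as commented-out code instead of being deleted; nothing in the hunk says what callers must now supply (a full bind DN, a `user@domain` name, or a bare account), so a misconfigured admin value will only surface as the generic 'LDAP管理员认证失败' failure in the following hunk. Drop the commented-out line and replace it with a comment stating the contract, e.g. `# admin is handed to the simple bind unchanged: it must already be the full bind identity the directory expects, not a bare account name`. If `self._domain` is no longer read anywhere in this class, the attribute and its config field are now dead — worth checking the rest of the class, which is outside the hunk. The enclosing method begins before the hunk.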
@@ -50,6 +51,25 @@ class Ldap(object):
if not ('result' in conn.result and 0 == conn.result['result'] and 'description' in conn.result and 'success' == conn.result['description']):
return TPE_FAILED, None, 'LDAP管理员认证失败'
+ # for test, list all attributes.
+ ret_a = conn.search(
+ search_base=self._base_dn,
+ size_limit=size_limit,
+
+ # search_filter='(&(sAMAccountName={}*)(&(objectClass=person)))'.format(username),
+ # search_filter=filter, # (&(objectClass=person))
+ search_filter='(cn=*)',
+ search_scope=ldap3.SUBTREE,
+
+ # attributes=['cn', 'mail', 'sAMAccountName', 'objectGUID']
+ attributes=['*']
+ )
+ if len(conn.response) == 0:
+ return TPE_FAILED, [], ''
+ u = conn.response[0]
+ log.v(u['attributes'])
+
+ # ...
ret = conn.search(
search_base=self._base_dn,
size_limit=size_limit,