diff --git a/src/main/java/org/codelibs/fess/exception/LdapConfigurationException.java b/src/main/java/org/codelibs/fess/exception/LdapConfigurationException.java
new file mode 100644
index 000000000..8faad50ef
--- /dev/null
+++ b/src/main/java/org/codelibs/fess/exception/LdapConfigurationException.java
@@ -0,0 +1,25 @@
+/*
+ * Copyright 2012-2019 CodeLibs Project and the Others.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific language
+ * governing permissions and limitations under the License.
+ */
+package org.codelibs.fess.exception;
+
+public class LdapConfigurationException extends FessSystemException {
+
+ private static final long serialVersionUID = 1L;
+
+ public LdapConfigurationException(final String message) {
+ super(message);
+ }
+}
diff --git a/src/main/java/org/codelibs/fess/ldap/LdapManager.java b/src/main/java/org/codelibs/fess/ldap/LdapManager.java
index 21cc26c70..351641b4c 100644
--- a/src/main/java/org/codelibs/fess/ldap/LdapManager.java
+++ b/src/main/java/org/codelibs/fess/ldap/LdapManager.java
@@ -49,6 +49,7 @@ import org.codelibs.fess.entity.FessUser;
 import org.codelibs.fess.es.user.exentity.Group;
 import org.codelibs.fess.es.user.exentity.Role;
 import org.codelibs.fess.es.user.exentity.User;
+import org.codelibs.fess.exception.LdapConfigurationException;
 import org.codelibs.fess.exception.LdapOperationException;
 import org.codelibs.fess.helper.SystemHelper;
 import org.codelibs.fess.mylasta.direction.FessConfig;
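Review bot: LdapConfigurationException has no Javadoc and only a `(String message)` constructor. A class comment such as `/** Thrown when a required LDAP connection setting is missing. */` would match how this commit uses it in putEnv. If a later caller needs to wrap an underlying failure, a `(final String message, final Throwable cause)` constructor delegating to `super(message, cause)` would keep the cause chain, assuming FessSystemException offers that constructor (not visible here).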
@@ -76,17 +77,24 @@ public class LdapManager { protected Hashtable createEnvironment(final String initialContextFactory, final String securityAuthentication, final String providerUrl, final String principal, final String credntials) { final Hashtable env = new Hashtable<>(); - env.put(Context.INITIAL_CONTEXT_FACTORY, initialContextFactory); - env.put(Context.SECURITY_AUTHENTICATION, securityAuthentication); - env.put(Context.PROVIDER_URL, providerUrl); - env.put(Context.SECURITY_PRINCIPAL, principal); - env.put(Context.SECURITY_CREDENTIALS, credntials); + putEnv(env, Context.INITIAL_CONTEXT_FACTORY, initialContextFactory); + putEnv(env, Context.SECURITY_AUTHENTICATION, securityAuthentication); + putEnv(env, Context.PROVIDER_URL, providerUrl); + putEnv(env, Context.SECURITY_PRINCIPAL, principal); + putEnv(env, Context.SECURITY_CREDENTIALS, credntials); if (providerUrl != null && providerUrl.startsWith("ldaps://")) { - env.put(Context.SECURITY_PROTOCOL, "ssl"); + putEnv(env, Context.SECURITY_PROTOCOL, "ssl"); } return env; } + protected void putEnv(final Hashtable env, final String key, final String value) { + if (value == null) { + throw new LdapConfigurationException(key + " is null."); + } + env.put(key, value); + } + protected Hashtable createAdminEnv() { return createEnvironment(// fessConfig.getLdapInitialContextFactory(), // @@ -117,6 +125,10 @@ public class LdapManager { protected boolean validate() { if (!isBind) { + if (fessConfig.getLdapAdminSecurityPrincipal() == null || fessConfig.getLdapAdminSecurityCredentials() == null) { + // no credentials + return !fessConfig.isLdapAuthValidation(); + } final Hashtable env = createAdminEnv(); try (DirContextHolder holder = getDirContext(() -> env)) { final DirContext context = holder.get(); diff --git a/src/main/java/org/codelibs/fess/mylasta/direction/FessConfig.java b/src/main/java/org/codelibs/fess/mylasta/direction/FessConfig.java index f73f9d54c..ecbab6391 100644 
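Review bot: putEnv rejects only `null`, so an empty `credntials` string still reaches `Context.SECURITY_CREDENTIALS`; with simple authentication, a bind that carries a DN and an empty password is an unauthenticated bind (RFC 4513), which some directory servers answer with success. createEnvironment's callers other than createAdminEnv are outside this hunk, so if any of them passes a login password, reject blank values as well, e.g. `if (value == null || value.isEmpty()) {` with the message adjusted, or check the password before building the environment. Building the message from `key` alone is the right call, since it keeps the credential value out of the exception text and logs. A one-line Javadoc on putEnv naming the LdapConfigurationException it throws would document the new failure mode.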
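Review bot: The early return added to validate() compares the admin principal and credentials only with `null`; if the config getters return an empty string for a key that is present but blank (not visible here), this branch is skipped and the admin bind proceeds with empty values. With `ldap.auth.validation=false` the method reports success without any bind having been attempted, so the `// no credentials` comment should say so, e.g. `// admin bind DN or password not configured: treat LDAP as valid only when ldap.auth.validation=false`. The same explanation belongs next to `ldap.auth.validation=true` in fess_config.properties, which this commit adds without a comment. validate() continues past the end of the hunk.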
--- a/src/main/java/org/codelibs/fess/mylasta/direction/FessConfig.java +++ b/src/main/java/org/codelibs/fess/mylasta/direction/FessConfig.java @@ -1301,6 +1301,9 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction /** The key of the configuration. e.g. true */ String LDAP_ADMIN_SYNC_PASSWORD = "ldap.admin.sync.password"; + /** The key of the configuration. e.g. true */ + String LDAP_AUTH_VALIDATION = "ldap.auth.validation"; + /** The key of the configuration. e.g. -1 */ String LDAP_MAX_USERNAME_LENGTH = "ldap.max.username.length"; @@ -5581,6 +5584,20 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction */ boolean isLdapAdminSyncPassword(); + /** + * Get the value for the key 'ldap.auth.validation'.
+ * The value is, e.g. true
+ * @return The value of found property. (NotNull: if not found, exception but basically no way) + */ + String getLdapAuthValidation(); + + /** + * Is the property for the key 'ldap.auth.validation' true?
+ * The value is, e.g. true
+ * @return The determination, true or false. (if not found, exception but basically no way) + */ + boolean isLdapAuthValidation(); + /** * Get the value for the key 'ldap.max.username.length'.
* The value is, e.g. -1
@@ -8077,6 +8094,14 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction return is(FessConfig.LDAP_ADMIN_SYNC_PASSWORD); } + public String getLdapAuthValidation() { + return get(FessConfig.LDAP_AUTH_VALIDATION); + } + + public boolean isLdapAuthValidation() { + return is(FessConfig.LDAP_AUTH_VALIDATION); + } + public String getLdapMaxUsernameLength() { return get(FessConfig.LDAP_MAX_USERNAME_LENGTH); } @@ -8652,6 +8677,7 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction defaultMap.put(FessConfig.LDAP_ADMIN_GROUP_BASE_DN, "ou=Group,dc=fess,dc=codelibs,dc=org"); defaultMap.put(FessConfig.LDAP_ADMIN_GROUP_OBJECT_CLASSES, "groupOfNames"); defaultMap.put(FessConfig.LDAP_ADMIN_SYNC_PASSWORD, "true"); + defaultMap.put(FessConfig.LDAP_AUTH_VALIDATION, "true"); defaultMap.put(FessConfig.LDAP_MAX_USERNAME_LENGTH, "-1"); defaultMap.put(FessConfig.LDAP_IGNORE_NETBIOS_NAME, "true"); defaultMap.put(FessConfig.LDAP_ROLE_SEARCH_USER_ENABLED, "true"); diff --git a/src/main/resources/fess_config.properties b/src/main/resources/fess_config.properties index 8574f386a..7e0f67668 100644 --- a/src/main/resources/fess_config.properties +++ b/src/main/resources/fess_config.properties @@ -656,6 +656,7 @@ ldap.admin.group.base.dn=ou\=Group,dc\=fess,dc\=codelibs,dc\=org ldap.admin.group.object.classes=groupOfNames ldap.admin.sync.password=true +ldap.auth.validation=true ldap.max.username.length=-1 ldap.ignore.netbios.name=true