diff --git a/rhodecode/lib/auth.py b/rhodecode/lib/auth.py
--- a/rhodecode/lib/auth.py
+++ b/rhodecode/lib/auth.py
@@ -205,12 +205,12 @@ def authenticate(username, password):
                 log.debug('Got ldap DN response %s', user_dn)
 
                 user_attrs = {
-                    'name': ldap_attrs[ldap_settings\
-                                       .get('ldap_attr_firstname')][0],
-                    'lastname': ldap_attrs[ldap_settings\
-                                           .get('ldap_attr_lastname')][0],
-                    'email': ldap_attrs[ldap_settings\
-                                        .get('ldap_attr_email')][0],
+                    'name': ldap_attrs.get(ldap_settings\
+                                       .get('ldap_attr_firstname'), [''])[0],
+                    'lastname': ldap_attrs.get(ldap_settings\
+                                           .get('ldap_attr_lastname'),[''])[0],
+                    'email': ldap_attrs.get(ldap_settings\
+                                        .get('ldap_attr_email'), [''])[0],
                     }
 
                 if user_model.create_ldap(username, password, user_dn,
diff --git a/rhodecode/lib/auth_ldap.py b/rhodecode/lib/auth_ldap.py
--- a/rhodecode/lib/auth_ldap.py
+++ b/rhodecode/lib/auth_ldap.py
@@ -105,9 +105,10 @@ class AuthLdap(object):
             if not lobjects:
                 raise ldap.NO_SUCH_OBJECT()
 
-            for (dn, attrs) in lobjects:
+            for (dn, _attrs) in lobjects:
                 try:
                     server.simple_bind_s(dn, password)
+                    attrs = server.search_ext_s(dn, ldap.SCOPE_BASE, '(objectClass=*)')[0][1]
                     break
 
                 except ldap.INVALID_CREDENTIALS, e: