diff --git a/config/config.go b/config/config.go
index 6cfc9860..8d884465 100644
--- a/config/config.go
+++ b/config/config.go
@@ -385,7 +385,7 @@ func validateConfig(c *Config) error {
 			"and 'tls_cert_file' specified.")
 	}
 
-	if c.AllowUnauthenticatedReads && c.TLSCaFile == "" && c.HtpasswdFile == "" && c.LDAP.URL == "" {
+	if c.AllowUnauthenticatedReads && c.TLSCaFile == "" && c.HtpasswdFile == "" && c.LDAP == nil {
 		return errors.New("AllowUnauthenticatedReads setting is only available when authentication is enabled")
 	}
 
diff --git a/main.go b/main.go
index 2158058c..060a9490 100644
--- a/main.go
+++ b/main.go
@@ -283,7 +283,7 @@ func startHttpServer(c *config.Config, httpServer **http.Server,
 			statusHandler = h.VerifyClientCertHandler(statusHandler).ServeHTTP
 		} else if c.HtpasswdFile != "" {
 			statusHandler = basicAuthWrapper(statusHandler, &basicAuthenticator)
-		} else if c.LDAP.URL != "" {
+		} else if c.LDAP != nil {
 			statusHandler = ldapAuthWrapper(statusHandler, ldapAuthenticator)
 		}
 	}
@@ -303,7 +303,7 @@ func startHttpServer(c *config.Config, httpServer **http.Server,
 				middlewareHandler = h.VerifyClientCertHandler(middlewareHandler)
 			} else if c.HtpasswdFile != "" {
 				middlewareHandler = basicAuthWrapper(middlewareHandler.ServeHTTP, &basicAuthenticator)
-			} else if c.LDAP.URL != "" {
+			} else if c.LDAP != nil {
 				middlewareHandler = ldapAuthWrapper(middlewareHandler.ServeHTTP, ldapAuthenticator)
 			}
 		}