diff --git a/api/src/main/java/io/kafbat/ui/config/auth/LdapProperties.java b/api/src/main/java/io/kafbat/ui/config/auth/LdapProperties.java
index 3478d3fbc..d2849fc2f 100644
--- a/api/src/main/java/io/kafbat/ui/config/auth/LdapProperties.java
+++ b/api/src/main/java/io/kafbat/ui/config/auth/LdapProperties.java
@@ -20,7 +20,7 @@ public class LdapProperties {
 
   @Value("${oauth2.ldap.activeDirectory:false}")
   private boolean isActiveDirectory;
-  @Value("${oauth2.ldap.activeDirectory.domain:@null}")
+  @Value("${oauth2.ldap.activeDirectory.domain:#{null}}")
   private String activeDirectoryDomain;
 
 }
diff --git a/api/src/main/java/io/kafbat/ui/config/auth/LdapSecurityConfig.java b/api/src/main/java/io/kafbat/ui/config/auth/LdapSecurityConfig.java
index 4267a4b0e..06444b9f1 100644
--- a/api/src/main/java/io/kafbat/ui/config/auth/LdapSecurityConfig.java
+++ b/api/src/main/java/io/kafbat/ui/config/auth/LdapSecurityConfig.java
@@ -12,6 +12,7 @@
 import java.util.stream.Stream;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
@@ -163,6 +164,10 @@ public SecurityWebFilterChain configureLdap(ServerHttpSecurity http) {
   }
 
   private ActiveDirectoryLdapAuthenticationProvider activeDirectoryProvider(LdapAuthoritiesPopulator populator) {
+    if (StringUtils.isBlank(props.getActiveDirectoryDomain())) {
+      throw new IllegalArgumentException("Active Directory domain is required but not specified");
+    }
+
     ActiveDirectoryLdapAuthenticationProvider provider = new ActiveDirectoryLdapAuthenticationProvider(
         props.getActiveDirectoryDomain(),
         props.getUrls()