diff --git a/src/externalldap.js b/src/externalldap.js
index bdef98a59..6fa5cd192 100644
--- a/src/externalldap.js
+++ b/src/externalldap.js
@@ -40,7 +40,6 @@ function getClient(externalLdapConfig, callback) {
     // basic validation to not crash
     try { ldap.parseDN(externalLdapConfig.baseDn); } catch (e) { return callback(new BoxError(BoxError.BAD_FIELD, 'invalid baseDn')); }
     try { ldap.parseFilter(externalLdapConfig.filter); } catch (e) { return callback(new BoxError(BoxError.BAD_FIELD, 'invalid filter')); }
-    if (externalLdapConfig.bindDn) try { ldap.parseFilter(externalLdapConfig.bindDn); } catch (e) { return callback(new BoxError(BoxError.INVALID_CREDENTIALS)); }
 
     var client;
     try {
@@ -70,6 +69,7 @@ function testConfig(config, callback) {
     if (!config.baseDn) return callback(new BoxError(BoxError.BAD_FIELD, 'basedn must not be empty'));
     if (!config.filter) return callback(new BoxError(BoxError.BAD_FIELD, 'filter must not be empty'));
     if (!config.usernameField) config.usernameField = 'uid';
+    // bindDn may not be a dn!
 
     getClient(config, function (error, client) {
         if (error) return callback(error);