diff --git a/radicale/auth/ldap.py b/radicale/auth/ldap.py
index b536fa68..23355d37 100644
--- a/radicale/auth/ldap.py
+++ b/radicale/auth/ldap.py
@@ -59,6 +59,7 @@ class Auth(auth.BaseAuth):
     def _login2(self, login: str, password: str) -> str:
         try:
             """Bind as reader dn"""
+            logger.debug(f"_login2 {self._ldap_uri}, {self._ldap_reader_dn}")
             conn = self.ldap.initialize(self._ldap_uri)
             conn.protocol_version = 3
             conn.set_option(self.ldap.OPT_REFERRALS, 0)
@@ -72,8 +73,8 @@ class Auth(auth.BaseAuth):
             logger.debug("LDAP Auth user: %s", user_dn)
             """Close ldap connection"""
             conn.unbind()
-        except Exception:
-            raise RuntimeError("Invalide ldap configuration")
+        except Exception as e:
+            raise RuntimeError(f"Invalid ldap configuration:{e}")
 
         try:
             """Bind as user to authenticate"""
@@ -96,43 +97,52 @@ class Auth(auth.BaseAuth):
     def _login3(self, login: str, password: str) -> str:
         """Connect the server"""
         try:
+            logger.debug(f"_login3 {self._ldap_uri}, {self._ldap_reader_dn}")
             server = self.ldap3.Server(self._ldap_uri)
             conn = self.ldap3.Connection(server, self._ldap_reader_dn, password=self._ldap_secret)
         except self.ldap3.core.exceptions.LDAPSocketOpenError:
             raise RuntimeError("Unable to reach ldap server")
-        except Exception:
+        except Exception as e:
+            logger.debug(f"_login3 error 1 {e}")
             pass
 
         if not conn.bind():
+            logger.debug("_login3 can not bind")
             raise RuntimeError("Unable to read from ldap server")
 
+        logger.debug(f"_login3 bind as {self._ldap_reader_dn}")
         """Search the user dn"""
         conn.search(
             search_base=self._ldap_base,
             search_filter=self._ldap_filter.format(login),
-            search_scope='SUBTREE',
+            search_scope=self.ldap3.SUBTREE,
             attributes=['memberOf']
         )
         if len(conn.entries) == 0:
+            logger.debug(f"_login3 user '{login}' can not be find")
             """User could not be find"""
             return ""
 
-        user_entry = conn.entries[0].entry_to_json()
+        user_entry = conn.response[0]
         conn.unbind()
         user_dn = user_entry['dn']
+        logger.debug(f"_login3 found user_dn {user_dn}")
         try:
             """Try to bind as the user itself"""
             conn = self.ldap3.Connection(server, user_dn, password=password)
             if not conn.bind():
+                logger.debug(f"_login3 user '{login}' can not be find")
                 return ""
             if self._ldap_load_groups:
                 tmp = []
                 for g in user_entry['attributes']['memberOf']:
-                    tmp.append(g)
+                    tmp.append(g.split(',')[0][3:])
                 self._ldap_groups = set(tmp)
             conn.unbind()
+            logger.debug(f"_login3 {login} successfully authorized")
             return login
-        except Exception:
+        except Exception as e:
+            logger.debug(f"_login3 error 2 {e}")
             pass
         return ""