Enabled LDAP but no Single Sign On option presents

We've deployed metabase to our k8s cluster and configured an LDAP server through Admin>Authentication>LDAP

It shows a green light and says LDAP is active

However, nothing has changed with the service... The log in page is exactly the same, I still create users as an admin exactly the same, beyond the green light on the LDAP widget, I have no indication anything is different.

My expectation was that enabling LDAP would present logged-out or new users with a page prompting them to login with their Active Directory credentials but I'm not sure if I'm just wrong about that or if there is a setting somewhere I forgot to switch.

Hi @tjw
Please post "Diagnostic Info" from Admin > Troubleshooting.
When you enable LDAP, then the login will say "Username or email address" instead of "Email address".
That's the only visual indication for the user.

Here is the Diagnostic Info.

I'll ask someone in my org to try to login directly with their AD credentials to see if maybe it is working and I was just unable to notice.

EDIT: my AD credentials were not accepted and UI does say "Username or email address"

  "browser-info": {
    "language": "en-US",
    "platform": "MacIntel",
    "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36",
    "vendor": "Google Inc."
  "system-info": {
    "file.encoding": "UTF-8",
    "java.runtime.name": "OpenJDK Runtime Environment",
    "java.runtime.version": "11.0.10+9",
    "java.vendor": "AdoptOpenJDK",
    "java.vendor.url": "https://adoptopenjdk.net/",
    "java.version": "11.0.10",
    "java.vm.name": "OpenJDK 64-Bit Server VM",
    "java.vm.version": "11.0.10+9",
    "os.name": "Linux",
    "os.version": "5.10.25-flatcar",
    "user.language": "en",
    "user.timezone": "GMT"
  "metabase-info": {
    "databases": [
    "hosting-env": "unknown",
    "application-database": "mysql",
    "application-database-details": {
      "database": {
        "name": "MySQL",
        "version": "5.7.12"
      "jdbc-driver": {
        "name": "MariaDB Connector/J",
        "version": "2.6.2"
    "run-mode": "prod",
    "version": {
      "date": "2021-03-17",
      "tag": "v0.38.2",
      "branch": "release-x.38.x",
      "hash": "91f0ed6"
    "settings": {
      "report-timezone": "America/New_York"

@tjw Do you have a user in Metabase with the same email as the one in the AD - then that is likely causing the problems.
Post the logs from Admin > Troubleshooting > Logs, and check your LDAP debug log for why it's failing.
Just want to make sure that you have read the last sections of the documentation:

THank you for your help flamber.

After reviewing those logs you linked I was able to work with someone to debug our LDAP configuration and it appears to be working now.

@tjw Since others might be having similar issue, it would be helpful if you wrote what the problem was and how you solved it.

The issue appears to have been with our LDAP configuration -- but I was working with someone else who configured the LDAP stuff. Looking at the logs as detailed above was where I was able to find the right error message that helped him understand the problem, but I never really did -- beyond knowing it was an issue with a configuration on the LDAP side, not metabase