diff --git a/static/directives/config/config-setup-tool.html b/static/directives/config/config-setup-tool.html
index 2ed51dd5c..219dea4a3 100644
--- a/static/directives/config/config-setup-tool.html
+++ b/static/directives/config/config-setup-tool.html
@@ -309,7 +309,13 @@
         <table class="config-table" ng-if="config.AUTHENTICATION_TYPE == 'LDAP'">
           <tr>
             <td>LDAP URI:</td>
-            <td><span class="config-string-field" binding="config.LDAP_URI"></span></td>
+            <td>
+              <span class="config-string-field" binding="config.LDAP_URI"
+                    pattern="ldap(s)?://.+"></span>
+              <div class="help-text">
+              The full LDAP URI, including the ldap:// or ldaps:// prefix.
+              </div>
+            </td>
           </tr>
           <tr>
             <td>Administrator DN:</td>
diff --git a/util/config/validator.py b/util/config/validator.py
index 271ce678e..b009cc0c0 100644
--- a/util/config/validator.py
+++ b/util/config/validator.py
@@ -232,12 +232,17 @@ def _validate_ldap(config):
     raise Exception('Missing Admin Password for LDAP configuration')
 
   ldap_uri = config.get('LDAP_URI', 'ldap://localhost')
+  if not ldap_uri.startswith('ldap://') and not ldap_uri.startswith('ldaps://'):
+    raise Exception('LDAP URI must start with ldap:// or ldaps://')
 
   try:
     with LDAPConnection(ldap_uri, admin_dn, admin_passwd):
       pass
   except ldap.LDAPError as ex:
     values = ex.args[0] if ex.args else {}
+    if not isinstance(values, dict):
+      raise Exception(str(ex.args))
+
     raise Exception(values.get('desc', 'Unknown error'))
 
 

LDAP URI:		+ + + The full LDAP URI, including the ldap:// or ldaps:// prefix. + +
Administrator DN: