diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c

index 29e26db..0723fd8 100644

--- a/modules/lookup_ldap.c

+++ b/modules/lookup_ldap.c

@@ -261,7 +261,7 @@ static int get_query_dn(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt

 {

 	char buf[PARSE_MAX_BUF];

 	char *query, *dn, *qdn;

-	LDAPMessage *result = NULL, *e;

+	LDAPMessage *result, *e;

 	struct ldap_searchdn *sdns = NULL;

 	char *attrs[2];

 	struct berval **value;

@@ -319,52 +319,71 @@ static int get_query_dn(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt

 		}

 	}

-	if (!ctxt->sdns)

+	dn = NULL;

+	if (!ctxt->sdns) {

 		rv = ldap_search_s(ldap, ctxt->base,

 				   scope, query, attrs, 0, &result);

-	else {

+		if ((rv != LDAP_SUCCESS) || !result) {

+			error(logopt,

+			      MODPREFIX "query failed for %s: %s",

+			      query, ldap_err2string(rv));

+			return 0;

+		}

+

+		e = ldap_first_entry(ldap, result);

+		if (e && (value = ldap_get_values_len(ldap, e, key))) {

+			ldap_value_free_len(value);

+			dn = ldap_get_dn(ldap, e);

+			debug(logopt, MODPREFIX "found query dn %s", dn);

+		} else {

+			debug(logopt,

+			      MODPREFIX "query succeeded, no matches for %s",

+			      query);

+			ldap_msgfree(result);

+			return 0;

+		}

+	} else {

 		struct ldap_searchdn *this = ctxt->sdns;

 		debug(logopt, MODPREFIX "check search base list");

+		result = NULL;

 		while (this) {

 			rv = ldap_search_s(ldap, this->basedn,

 					   scope, query, attrs, 0, &result);

-

 			if ((rv == LDAP_SUCCESS) && result) {

 				debug(logopt, MODPREFIX

 				      "found search base under %s",

 				      this->basedn);

-				break;

+

+				e = ldap_first_entry(ldap, result);

+				if (e && (value = ldap_get_values_len(ldap, e, key))) {

+					ldap_value_free_len(value);

+					dn = ldap_get_dn(ldap, e);

+					debug(logopt, MODPREFIX "found query dn %s", dn);

+					break;

+				} else {

+					debug(logopt,

+					      MODPREFIX "query succeeded, no matches for %s",

+					      query);

+					ldap_msgfree(result);

+					result = NULL;

+				}

+			} else {

+				error(logopt,

+				      MODPREFIX "query failed for search dn %s: %s",

+				      this->basedn, ldap_err2string(rv));

 			}

 			this = this->next;

-

-			if (result) {

-				ldap_msgfree(result);

-				result = NULL;

-			}

 		}

-	}

-

-	if ((rv != LDAP_SUCCESS) || !result) {

-		error(logopt,

-		      MODPREFIX "query failed for %s: %s",

-		      query, ldap_err2string(rv));

-		return 0;

-	}

-	e = ldap_first_entry(ldap, result);

-	if (e && (value = ldap_get_values_len(ldap, e, key))) {

-		ldap_value_free_len(value);

-		dn = ldap_get_dn(ldap, e);

-		debug(logopt, MODPREFIX "found query dn %s", dn);

-	} else {

-		debug(logopt,

-		      MODPREFIX "query succeeded, no matches for %s",

-		      query);

-		ldap_msgfree(result);

-		return 0;

+		if (!result) {

+			ldap_msgfree(result);

+			error(logopt,

+			      MODPREFIX "failed to find query dn under search base dns");

+			return 0;

+		}

 	}

 	qdn = strdup(dn);

@@ -1290,8 +1309,12 @@ int lookup_init(const char *mapfmt, int argc, const char *const *argv, void **co

 			validate_uris(uris);

 			if (!list_empty(uris))

 				ctxt->uri = uris;

-			else 

+			else {

+				error(LOGOPT_ANY,

+				      "no valid uris found in config list"

+				      ", using default system config");

 				free(uris);

+			}

 		}

 	}