diff --git a/docs/content.en/docs/release-notes/_index.md b/docs/content.en/docs/release-notes/_index.md
index 8e61eccb..295d5d57 100644
--- a/docs/content.en/docs/release-notes/_index.md
+++ b/docs/content.en/docs/release-notes/_index.md
@@ -24,6 +24,7 @@ Information about release notes of INFINI Console is provided here.
 - Update agent config with cluster name (#148)
 - Optimize UI of histogram and datepicker in discover (#151)
 - Support viewing logs for cluster, node, index health change events (#150)
+- Enhance LDAP authentication logging (#156)
 - Optimize UI for copying metric requests (#155)
 
 ## 1.28.2 (2025-02-15)
diff --git a/docs/content.zh/docs/release-notes/_index.md b/docs/content.zh/docs/release-notes/_index.md
index 85b7ea2e..a6d128f3 100644
--- a/docs/content.zh/docs/release-notes/_index.md
+++ b/docs/content.zh/docs/release-notes/_index.md
@@ -24,6 +24,7 @@ title: "版本历史"
 - 优化下发给 Agent 的配置，增加集群名称 (#148)
 - 优化柱状图和时间选择器的 UI (#151)
 - 集群，节点，索引健康状态变更支持查看日志 (#150)
+- 增强 LDAP 身份验证的日志记录 (#156)
 - 优化监控报表里拷贝指标请求的 UI (#155)
 
 ## 1.28.2 (2025-02-15)
diff --git a/modules/security/realm/authc/ldap/ldap.go b/modules/security/realm/authc/ldap/ldap.go
index 6ee2fe93..e10659b3 100644
--- a/modules/security/realm/authc/ldap/ldap.go
+++ b/modules/security/realm/authc/ldap/ldap.go
@@ -82,6 +82,9 @@ func (r *LDAPRealm) mapLDAPRoles(authInfo auth.Info) []string {
 	}
 
 	//map group
+	if len(authInfo.GetGroups()) == 0 {
+		log.Debugf("LDAP uid: %v, user: %v, group: %v", uid, authInfo, authInfo.GetGroups())
+	}
 	for _, roleName := range authInfo.GetGroups() {
 		newRoles, ok := r.config.RoleMapping.Group[roleName]
 		if ok {
diff --git a/modules/security/realm/realm.go b/modules/security/realm/realm.go
index 360a8f38..cd5da3e9 100644
--- a/modules/security/realm/realm.go
+++ b/modules/security/realm/realm.go
@@ -77,9 +77,9 @@ func Init(config *config.Config) {
 
 func Authenticate(username, password string) (bool, *rbac.User, error) {
 
-	for i, realm := range realms {
+	for _, realm := range realms {
 		ok, user, err := realm.Authenticate(username, password)
-		log.Debugf("authenticate result: %v, user: %v, err: %v, realm: %v", ok, user, err, i)
+		log.Debugf("authenticate result: %v, user: %v, err: %v, realm: %v", ok, user, err, realm.GetType())
 		if ok && user != nil && err == nil {
 			return true, user, nil
 		}
@@ -92,14 +92,14 @@ func Authenticate(username, password string) (bool, *rbac.User, error) {
 
 func Authorize(user *rbac.User) (bool, error) {
 
-	for i, realm := range realms {
+	for _, realm := range realms {
 		//skip if not the same auth provider, TODO: support cross-provider authorization
 		if user.AuthProvider != realm.GetType() {
 			continue
 		}
 
 		ok, err := realm.Authorize(user)
-		log.Debugf("authorize result: %v, user: %v, err: %v, realm: %v", ok, user, err, i)
+		log.Debugf("authorize result: %v, user: %v, err: %v, realm: %v", ok, user, err, realm.GetType())
 		if ok && err == nil {
 			//return on any success, TODO, maybe merge all roles and privileges from all realms
 			return true, nil