diff --git a/html/includes/authentication/active_directory.inc.php b/html/includes/authentication/active_directory.inc.php
index 03788f90d8..88504a665c 100644
--- a/html/includes/authentication/active_directory.inc.php
+++ b/html/includes/authentication/active_directory.inc.php
@@ -2,6 +2,12 @@
 
 // easier to rewrite for Active Directory than to bash it into existing LDAP implementation
 
+// disable certificate checking before connect if required
+if (isset($config['auth_ad_dont_check_certificates']) &&
+          $config['auth_ad_dont_check_certificates'] > 0) {
+    putenv('LDAPTLS_REQCERT=never');
+};
+
 $ds = @ldap_connect($config['auth_ad_url']);
 
 // disable referrals and force ldap version to 3
@@ -9,13 +15,6 @@ $ds = @ldap_connect($config['auth_ad_url']);
 ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
 ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
 
-// disable certificate checking if required
-
-if (isset($config['auth_ad_dont_check_certificates']) &&
-          $config['auth_ad_dont_check_certificates'] > 0) {
-    putenv('LDAPTLS_REQCERT=never');
-};
-
 function authenticate($username, $password) {
     global $config, $ds;