diff --git a/lib/NGCP/Panel/Controller/API/Admins.pm b/lib/NGCP/Panel/Controller/API/Admins.pm
index c320e86e23..e3f56f7d50 100644
--- a/lib/NGCP/Panel/Controller/API/Admins.pm
+++ b/lib/NGCP/Panel/Controller/API/Admins.pm
@@ -58,6 +58,7 @@ sub create_item {
     my $item;
     try {
         my $pass = delete $resource->{password};
+        $resource->{auth_mode} ||= 'local';
         $item = $c->model('DB')->resultset('admins')->create($resource);
         NGCP::Panel::Utils::Admin::insert_password_journal(
             $c, $item, $pass
diff --git a/lib/NGCP/Panel/Controller/Administrator.pm b/lib/NGCP/Panel/Controller/Administrator.pm
index e5cb7b6c8b..37295c2638 100644
--- a/lib/NGCP/Panel/Controller/Administrator.pm
+++ b/lib/NGCP/Panel/Controller/Administrator.pm
@@ -150,6 +150,7 @@ sub create :Chained('list_admin') :PathPart('create') :Args(0) :AllowedRole(admi
             }
             my $password = delete $form->values->{password};
             $form->values->{md5pass} = undef;
+            $form->values->{auth_mode} ||= 'local';
             $form->values->{saltedpass} = NGCP::Panel::Utils::Auth::generate_salted_hash($password);
 
             if ($form->values->{role_id}) {
@@ -281,6 +282,7 @@ sub edit :Chained('base') :PathPart('edit') :Args(0) {
             } else {
                 $form->values->{role_id} = NGCP::Panel::Utils::UserRole::resolve_role_id($c, $form->values);
             }
+            $form->values->{auth_mode} ||= 'local';
 
             $c->stash->{administrator}->update($form->values);
             delete $c->session->{created_objects}->{reseller};
diff --git a/lib/NGCP/Panel/Form/Administrator/Reseller.pm b/lib/NGCP/Panel/Form/Administrator/Reseller.pm
index 06d22b3c7c..38381ae498 100644
--- a/lib/NGCP/Panel/Form/Administrator/Reseller.pm
+++ b/lib/NGCP/Panel/Form/Administrator/Reseller.pm
@@ -13,7 +13,7 @@ has_field 'login' => (type => 'Text', required => 1, minlength => 5, maxlength =
 has_field 'auth_mode' => (
     type => 'Select',
     label => 'Authentication Mode',
-    required => 1, 
+    required => 0,
     options => [
         { value => 'local', label => 'local' },
         { value => 'ldap', label => 'LDAP' },
diff --git a/lib/NGCP/Panel/Role/API/Admins.pm b/lib/NGCP/Panel/Role/API/Admins.pm
index 0b15fb74d8..3b319632c6 100644
--- a/lib/NGCP/Panel/Role/API/Admins.pm
+++ b/lib/NGCP/Panel/Role/API/Admins.pm
@@ -208,6 +208,7 @@ sub update_item {
         $resource = $old_resource;
         $resource->{is_active} = $active;
     }
+    $resource->{auth_mode} ||= 'local';
 
     $item->update($resource);
 
diff --git a/lib/NGCP/Panel/Utils/Auth.pm b/lib/NGCP/Panel/Utils/Auth.pm
index e5c08c97ea..03c33d7208 100644
--- a/lib/NGCP/Panel/Utils/Auth.pm
+++ b/lib/NGCP/Panel/Utils/Auth.pm
@@ -10,7 +10,7 @@ use UUID;
 use NGCP::Panel::Utils::Ldap qw(
     auth_ldap_simple
     get_user_dn
-            
+
     $ldapconnecterror
     $ldapnouserdn
     $ldapauthfailed
@@ -71,7 +71,7 @@ sub get_usr_salted_pass {
 
 sub perform_auth {
     my ($c, $user, $pass, $realm, $bcrypt_realm) = @_;
-    
+
     my $res;
     my $log_failed_login_attempt = 1;
 
@@ -106,7 +106,7 @@ sub perform_auth {
                     }
                 }, $bcrypt_realm
             );
-        } elsif (defined $dbadmin) { # we already know if the username is wrong, no need to check again
+        } else {
             # check md5 and migrate over to bcrypt on success
             $c->log->debug("login via md5");
             $res = $c->authenticate(
@@ -142,6 +142,7 @@ sub perform_auth {
             $log_failed_login_attempt = 0; # do not log failed attempt if there was an ldap error
         } else {
             $res = 1;
+            $c->set_authenticated($dbadmin); # logs the user in and calls persist_user
         }
     }