diff --git a/deployment_scripts/puppet/modules/lma_logging_analytics/manifests/kibana_authentication.pp b/deployment_scripts/puppet/modules/lma_logging_analytics/manifests/kibana_authentication.pp
index 5c1a039..b1bb25c 100644
--- a/deployment_scripts/puppet/modules/lma_logging_analytics/manifests/kibana_authentication.pp
+++ b/deployment_scripts/puppet/modules/lma_logging_analytics/manifests/kibana_authentication.pp
@@ -49,6 +49,9 @@ class lma_logging_analytics::kibana_authentication (
 if empty($ldap_servers) {
 fail('ldap_servers list parameter is empty')
 }
+ if ! is_array($ldap_servers) {
+ fail('ldap_servers list parameter must be an array')
+ }
 if ! $ldap_port { fail('Missing ldap_port parameter')}
 if ! $ldap_protocol { fail('Missing ldap_protocol parameter')}
 if ! $ldap_bind_dn { fail('Missing ldap_bind_dn parameter')}
@@ -68,9 +71,8 @@ class lma_logging_analytics::kibana_authentication (
 $apache_modules = concat($default_apache_modules, ['ldap', 'authnz_ldap'])
 # LDAP url is used by apache::custom_config
- $ldap_urls = suffix($ldap_servers, ":${ldap_port}/${ldap_user_search_base_dns}?${ldap_user_attribute}?sub?${ldap_user_search_filter}")
-
- $ldap_url = join($ldap_urls, ' ')
+ $ldap_servers_url = join(suffix($ldap_servers, ":${ldap_port}"), ' ')
+ $ldap_url = "${ldap_servers_url}/${ldap_user_search_base_dns}?${ldap_user_attribute}?sub?${ldap_user_search_filter}"
 } else {
 $apache_modules = $default_apache_modules
 }
diff --git a/deployment_scripts/puppet/modules/lma_logging_analytics/spec/classes/lma_logging_analytics_kibana_authentication_spec.rb b/deployment_scripts/puppet/modules/lma_logging_analytics/spec/classes/lma_logging_analytics_kibana_authentication_spec.rb
index f3c1f5b..06a32ce 100644
--- a/deployment_scripts/puppet/modules/lma_logging_analytics/spec/classes/lma_logging_analytics_kibana_authentication_spec.rb
+++ b/deployment_scripts/puppet/modules/lma_logging_analytics/spec/classes/lma_logging_analytics_kibana_authentication_spec.rb
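Review bot: The added `is_array($ldap_servers)` guard checks only the container type, while every element is later interpolated verbatim into the LDAP URL that the comment in the following hunk says is consumed by `apache::custom_config`. An entry containing whitespace, a `/`, a `?` or a quote would change how that value is parsed, so each element should also be checked to be a bare host name or IP address before it is used. At minimum I would record the constraint next to the guard, e.g. `# entries must be bare host names/IPs: they are copied unescaped into the Apache LDAP URL`. The class body starts and ends outside this hunk, so an existing per-element check elsewhere cannot be ruled out from here.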
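Review bot: The two new assignments build a single URL with a space-separated host list followed by one base DN/attribute/filter suffix, but nothing beside them states that this is the intended multi-host form or that the value contains spaces and must be quoted where it is emitted. A comment above them such as `# one URL for all servers: "host1:port host2:port/basedn?attr?sub?filter"; the value contains spaces, so the consumer must double-quote it` would make that explicit. The template that consumes `$ldap_url` is not part of this diff, so whether it already quotes the value needs confirming. `$ldap_user_search_base_dns` and `$ldap_user_search_filter` are also inserted unescaped, so a `?` or a quote in either would alter the resulting URL; the enclosing `if`/`else` begins outside the hunk.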
@@ -35,6 +35,7 @@ describe 'lma_logging_analytics::kibana_authentication' do
 should contain_file('/etc/apache2/kibana.htpasswd')
 }
 end
+
 describe 'ldap parameters' do
 let(:params) do
 {:listen_address => '127.0.0.1', :listen_port => 80,
@@ -59,6 +60,32 @@ describe 'lma_logging_analytics::kibana_authentication' do
 should contain_file('/etc/apache2/kibana.htpasswd')
 }
 end
+
+ describe 'ldap parameters with several ldap servers' do
+ let(:params) do
+ {:listen_address => '127.0.0.1', :listen_port => 80,
+ :kibana_address => '127.0.0.1', :kibana_port => 5106,
+ :username => 'foouser', :password => 'foopass',
+ :ldap_enabled => true,
+ :ldap_protocol => 'ldap',
+ :ldap_port => 389,
+ :ldap_servers => ['ldap.foo1.fr', 'ldap.foo2.fr'],
+ :ldap_bind_dn => 'cn=admin,dc=example,dc=com',
+ :ldap_bind_password => 'foopass',
+ :ldap_user_search_base_dns => 'ou=groups,dc=example,dc=com',
+ :ldap_user_search_filter => '(&(objectClass=posixGroup)(memberUid=%s))',
+ :ldap_user_attribute => 'uid',
+ }
+ end
+
+ it {
+ should contain_class('apache')
+ should contain_apache__custom_config('kibana-proxy').
+ with_content(/ldap:\/\/ldap.foo1.fr:389 ldap.foo2.fr:389/)
+ should contain_htpasswd('foouser')
+ }
+ end
+
 describe 'ldap parameters are missing' do
 let(:params) do
 {:listen_address => '127.0.0.1', :listen_port => 80,
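Review bot: The `with_content` pattern in the new multi-server example stops at the second host's port, so it never asserts that the base DN, attribute and filter follow the host list exactly once, which is the behaviour this commit changes. Its unescaped dots also match any character. Something like `with_content(%r{ldap://ldap\.foo1\.fr:389 ldap\.foo2\.fr:389/ou=groups,dc=example,dc=com\?uid\?sub\?})` would pin the full URL shape, assuming the template emits the value unchanged. The manifest's new `fail('ldap_servers list parameter must be an array')` branch has no example either; a case passing a plain string for `:ldap_servers` and expecting a compile error would cover it.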