while helping out on IRC we noticed that its a bit annoying to test a configuration. Some suggestions.

Testing the LDAP connection forces you to use the user you are currently logged on as, expect when LDAP auth is on (dropdown). This should be a text field and not static content. Creating a user named 'admin' is not a thing everyone wants or is able to do (3rd party maintainers, etc)

Once the test is succeeded it would be nice if its stored as 'tested' in the db somewhere so you do not need to fill in all the info again when you want to safe the config and enable the auth.

Once a field is changed (basedn, attrib, etc) then you need to 'retest'.

Besides this isn't it a good idea to set the zabbix admin group as internal by default? Lockouts would get 'impossible' then.