This error means that the login attempt was successful, but a subsequent search for the user on the LDAP Server returned no results. If you want to disable this search, you can turn off the "Find user after login" setting.
You need to use the "Sync User Active State" setting under Advanced Sync, but it is not yet compatible with all LDAP Servers.
If you cannot log in and do not get any error messages (the last thing you see in the log is "Attempt to bind <correct dn of user>"), make sure the username of your LDAP account does not match any username of a local account. For example, if you created a local user with the username joe, then enable LDAP and try to log in with the username joe (who exists on your LDAP server), it will silently fail without any error message in your log, simply saying that the username or password do not match. You can no longer log in as joe, neither with your LDAP password nor with your local password.
Every Rocket.Chat user has to have an email address. So either the LDAP users need to have an email address, or you have to set a default domain using the setting "default domain".
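The two account problems above (an LDAP username that matches a local username, and an LDAP user without an email when no default domain is set) can be checked before LDAP is enabled. The following is an added example, not Rocket.Chat code: the function name, the input shapes and the field names username and mail are assumptions, and the sample data is constructed.

```javascript
// Added example: pre-flight audit of exported account lists.
// Assumptions: localUsernames is an array of strings, ldapEntries is an array
// of { username, mail } objects exported from the directory beforehand.
function auditLdapAccounts(localUsernames, ldapEntries, defaultDomain) {
  const local = new Set(localUsernames);
  const report = { collisions: [], missingEmail: [] };

  for (const entry of ldapEntries) {
    // An LDAP username equal to a local username is the silent-failure case.
    // Exact comparison is used here; the page does not say whether the
    // server compares usernames case-insensitively.
    if (local.has(entry.username)) {
      report.collisions.push(entry.username);
    }

    // A user without an email is only a problem when no default domain
    // is configured to fall back on.
    const hasMail = typeof entry.mail === 'string' && entry.mail.trim() !== '';
    if (!hasMail && !defaultDomain) {
      report.missingEmail.push(entry.username);
    }
  }
  return report;
}

// Constructed sample data.
const sampleLocal = ['admin', 'joe'];
const sampleLdap = [
  { username: 'joe', mail: 'joe@example.com' },
  { username: 'ann', mail: '' },
  { username: 'bob', mail: 'bob@example.com' },
];

// Without a default domain, both problems are reported.
console.log(auditLdapAccounts(sampleLocal, sampleLdap, ''));
// With a default domain, only the username collision remains.
console.log(auditLdapAccounts(sampleLocal, sampleLdap, 'example.com'));
```

Resolve every reported collision (rename or remove one of the two accounts) before enabling LDAP, since the failure leaves no trace in the log.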
MS LDAP Info: https://msdn.microsoft.com/en-us/library/windows/desktop/aa746475(v=vs.85).aspx