This is caused when using PRGateway and the required setting Authentication/RedirectGuests set to "False". The setting is system wide and required for proper PRGateway processing.
FYI: As of PRPC 7.2.1 you no longer use PRGateway to satisfy same domain origin policy.
The setting causes the login screen from other servlets using PRCustom style authentication, like your LDAP authentication, to not display properly.
The setting disables the standard redirect so the default Accessgroup hash is not present and static content requests associated with the page do not get downloaded.
You can add the following script to your login screen. This is by default Web-Login but in your Data-Admin-AuthService record you use for you LDAP configuration you can on the Custom tab define a different login screen. These should also be a copy of Web-Login.
The login screen rule needs to live in a ruleset that is available to unauthenticated users.
Code: (Add below the existing <body> element )
<body onload="processOnLoad()" oncontextmenu="return false;">
<pega:save name="ssoURL" ref="pxThread.pxReqBaseURI"/>
/*URL for redirect, yes hardcoding !STANDARD for the later condition, not guessing on thread name..forcing thread name. */
var ssoURL = "<pega:reference name="$save(ssoURL)" />/!STANDARD";
First Time: https://<host>/prweb/PRWebLDAP3
Second Time: https://host>/prweb/PRWebLDAP3/<AccessGroupHash>/!STANDARD
var currentURL = top.location.href;
/*If currentURL does not contain !STANDARD replace it with one that does */
if(currentURL.indexOf("!STANDARD") == -1)