diff --git a/flaschengeist/plugins/auth_ldap/__init__.py b/flaschengeist/plugins/auth_ldap/__init__.py
index 8a99284..db2823a 100644
--- a/flaschengeist/plugins/auth_ldap/__init__.py
+++ b/flaschengeist/plugins/auth_ldap/__init__.py
@@ -126,9 +126,12 @@ class AuthLDAP(AuthPlugin):
 def modify_user(self, user: User, password=None, new_password=None):
 try:
 dn = user.get_attribute("DN")
+ logger.debug(f"LDAP: modify_user for user {user.userid} with dn {dn}")
 if password:
+ logger.debug(f"LDAP: modify_user for user {user.userid} with password")
 ldap_conn = self.ldap.connect(dn, password)
 else:
+ logger.debug(f"LDAP: modify_user for user {user.userid} with root_dn")
 if self.root_dn is None:
 logger.error("root_dn missing in ldap config!")
 raise InternalServerError
@@ -141,9 +144,15 @@ class AuthLDAP(AuthPlugin):
 ("display_name", "displayName"),
 ]:
 if hasattr(user, name):
- modifier[ldap_name] = [(MODIFY_REPLACE, [getattr(user, name)])]
+ attribute = getattr(user, name)
+ if attribute:
+ modifier[ldap_name] = [(MODIFY_REPLACE, [getattr(user, name)])]
 if new_password:
 modifier["userPassword"] = [(MODIFY_REPLACE, [self.__hash(new_password)])]
+ if "userPassword" in modifier:
+ logger.debug(f"LDAP: modify_user for user {user.userid} with password change (can't show >modifier<)")
+ else:
+ logger.debug(f"LDAP: modify_user for user {user.userid} with modifier {modifier}")
 ldap_conn.modify(dn, modifier)
 self._set_roles(user)
 except (LDAPPasswordIsMandatoryError, LDAPBindError):
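Review bot: The three added `logger.debug` calls build their message with f-strings, so `user.userid` and `dn` are formatted even when debug logging is disabled and are written into the log unescaped. Passing them as arguments, e.g. `logger.debug("LDAP: modify_user for user %r with dn %r", user.userid, dn)`, defers the formatting and renders any control characters in the DN (presumably taken from the directory) as escapes rather than as extra log lines. The same applies to the debug calls added in the second hunk. modify_user begins in this hunk but its body continues outside it.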
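Review bot: The redaction in the new debug block is keyed on the single name `userPassword`, so the `else` branch still writes every replaced value (e.g. `displayName`) to the log, and any sensitive attribute later added to the loop would be logged too. Logging only the attribute names covers both branches in one line and never exposes values: `logger.debug("LDAP: modify_user for user %s replacing %s", user.userid, sorted(modifier))`. Separately, `attribute` is assigned but the `MODIFY_REPLACE` line calls `getattr(user, name)` a second time; use `[attribute]` there. The `if attribute:` guard also means a falsy value is never sent, so a field presumably cannot be cleared through this path; a short comment such as `# empty values are skipped, not cleared` would record that this is intended. The enclosing `try` block starts and ends outside the hunk.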