From b4eafbcd70aa964dec1ed8a47591d22d17cf9b47 Mon Sep 17 00:00:00 2001
From: ralf <rb@egroupware.org>
Date: Thu, 2 Feb 2023 08:56:53 +0100
Subject: [PATCH] * LDAP: fix LDAP protocol error creating new groups without a
 description make sure not to unset (empty) description for new groups

---
 api/src/Accounts/Ldap.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/api/src/Accounts/Ldap.php b/api/src/Accounts/Ldap.php
index 9804aff101..9d41164576 100644
--- a/api/src/Accounts/Ldap.php
+++ b/api/src/Accounts/Ldap.php
@@ -615,8 +615,10 @@ class Ldap
 	{
 		$to_write['gidnumber'] = abs($data['account_id']);
 		$to_write['cn'] = $data['account_lid'];
-		// do not overwrite exitsting description, if non is given
-		if (isset($data['account_description']))
+		// do not overwrite existing description, if non is given
+		if (isset($data['account_description']) &&
+			// make sure NOT to unset description for new groups, give a "Protocol error"
+			(!empty($data['account_id']) || !empty($data['account_description'])))
 		{
 			$to_write['description'] = !empty($data['account_description']) ? $data['account_description'] : array();
 		}