diff --git a/mylib/ldap.py b/mylib/ldap.py
index cee9197..122ba8d 100644
--- a/mylib/ldap.py
+++ b/mylib/ldap.py
@@ -782,21 +782,23 @@ class LdapClient:
         protected_attrs = [a.lower() for a in protected_attrs or []]
         protected_attrs.append("dn")
         # New/updated attributes
-        for attr in attrs:
+        for attr, values in attrs.items():
             if protected_attrs and attr.lower() in protected_attrs:
                 continue
             if attr in ldap_obj and ldap_obj[attr]:
-                if sorted(ldap_obj[attr]) == sorted(attrs[attr]):
+                if sorted(ldap_obj[attr]) == sorted(values):
                     continue
                 old[attr] = self.encode(ldap_obj[attr])
-            new[attr] = self.encode(attrs[attr])
+            elif not values:
+                continue
+            new[attr] = self.encode(values)
 
         # Deleted attributes
         for attr in ldap_obj:
             if (
                 (not protected_attrs or attr.lower() not in protected_attrs)
                 and ldap_obj[attr]
-                and attr not in attrs
+                and not attrs.get(attr)
             ):
                 old[attr] = self.encode(ldap_obj[attr])
         if old == new: