diff --git a/CHANGELOG.md b/CHANGELOG.md
index e73c59a4d..8d4d749f0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 ### Fixed
 
 - Provision certificates from OrgIdentity (LDAP Provisioner)
+- Handle undefined variables (LDAP Provisioner)
+- Log errors when LDAP Provisioner fails to write at LDAP
 
 ## [3.3.7-rciam] - 2021-11-16
 
diff --git a/app/Plugin/LdapProvisioner/Lib/LdapSyncEntitlements.php b/app/Plugin/LdapProvisioner/Lib/LdapSyncEntitlements.php
index cbf183e7e..593535410 100644
--- a/app/Plugin/LdapProvisioner/Lib/LdapSyncEntitlements.php
+++ b/app/Plugin/LdapProvisioner/Lib/LdapSyncEntitlements.php
@@ -76,7 +76,7 @@ private function groupEntitlementAssemble($memberships_groups){
           . ":role=" . $role             // role
           . "#" . $this->config['urn_authority']; // AA FQDN
         // Enable legacy URN syntax for compatibility reasons?
-        if($this->config['urn_legacy']) {
+        if(!empty($this->config['urn_legacy']) && $this->config['urn_legacy']) {
           $this->state['Attributes']['eduPersonEntitlement'][] =
             $this->config['urn_namespace']          // URN namespace
             . ':' . $this->config['urn_authority']  // AA FQDN
diff --git a/app/Plugin/LdapProvisioner/Model/CoLdapProvisionerTarget.php b/app/Plugin/LdapProvisioner/Model/CoLdapProvisionerTarget.php
index c587ffb8b..0516900e4 100644
--- a/app/Plugin/LdapProvisioner/Model/CoLdapProvisionerTarget.php
+++ b/app/Plugin/LdapProvisioner/Model/CoLdapProvisionerTarget.php
@@ -1474,7 +1474,7 @@ public function provision($coProvisioningTargetData, $op, $provisioningData) {
                            $provisioningData);
         } else {
           if(!empty($attributes)) {
-            $this->log(get_class($this) . "::{" . var_export($attributes, true) . "}::@", LOG_ERROR);
+            $this->log(__METHOD__ . "::replace::{" . var_export($attributes, true) . "}::@", LOG_ERROR);
           }
           throw new RuntimeException(ldap_error($cxn), ldap_errno($cxn));
         }
@@ -1492,6 +1492,9 @@ public function provision($coProvisioningTargetData, $op, $provisioningData) {
       }
 
       if(!@ldap_add($cxn, $dns['newdn'], $attributes)) {
+        if(!empty($attributes)) {
+          $this->log(__METHOD__ . "::add::{" . var_export($attributes, true) . "}::@", LOG_ERROR);
+        }
         throw new RuntimeException(ldap_error($cxn), ldap_errno($cxn));
       }
     }