diff --git a/src/python/dm/common/utility/ldapUserManager.py b/src/python/dm/common/utility/ldapUserManager.py
index 370d332bfcc5341f44dc5c2a6551f489a857c0a1..3418174c504324451f70fdf8de3d46db18065c20 100755
--- a/src/python/dm/common/utility/ldapUserManager.py
+++ b/src/python/dm/common/utility/ldapUserManager.py
@@ -122,6 +122,11 @@ class LdapUserManager(LdapClient):
         ldapUserInfo = self.getUserInfo(username)
         userDn = ldapUserInfo.get('userDn')
         userAttrs = ldapUserInfo.get('userAttrs')
+
+        # Remove internal LDAP attributes before creating copy for modifications
+        for key in [ 'modifyTimestamp', 'createTimeStamp' ]:
+            if userAttrs.has_key(key):
+                del userAttrs[key]
         userAttrs2 = copy.copy(userAttrs)
 
         middleName = attrDict.get('middleName', '')
@@ -151,8 +156,8 @@ class LdapUserManager(LdapClient):
         if passwordHash:
             userAttrs2['userPassword'] = [self.encodePasswordHash(passwordHash)]
             #logger.debug('Encoded password entry: %s' % passwordHash)
-        logger.debug('Modifying user %s with attrs %s' % (username, userAttrs2))
-
+        logger.debug('Old user %s attrs: %s' % (username, userAttrs))
+        logger.debug('Modified user %s attrs: %s' % (username, userAttrs2))
         userLdif = ldap.modlist.modifyModlist(userAttrs, userAttrs2)
         ldapClient.modify_s(userDn, userLdif)
         return LdapUserInfo({'userDn' : userDn, 'userAttrs' : userAttrs2})