diff --git a/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityProvider.java b/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityProvider.java
index 244d185..bdfd83b 100644
--- a/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityProvider.java
+++ b/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityProvider.java
@@ -669,13 +669,7 @@ public class LdapIdentityProvider implements ExternalIdentityProvider {
             throws LdapInvalidAttributeValueException {
         ExternalIdentityRef ref = new ExternalIdentityRef(entry.getDn().getName(), this.getName());
         if (id == null) {
-            String idAttribute = config.getUserConfig().getIdAttribute();
-            Attribute attr = entry.get(idAttribute);
-            if (attr == null) {
-                throw new LdapInvalidAttributeValueException(ResultCodeEnum.CONSTRAINT_VIOLATION,
-                        "no value found for attribute '" + idAttribute + "' for entry " + entry);
-            }
-            id = attr.getString();
+            id = getIdValue(entry, config.getUserConfig().getIdAttribute());
         }
         String path = config.getUserConfig().makeDnPath()
                 ? createDNPath(entry.getDn())
@@ -695,13 +689,7 @@ public class LdapIdentityProvider implements ExternalIdentityProvider {
             throws LdapInvalidAttributeValueException {
         ExternalIdentityRef ref = new ExternalIdentityRef(entry.getDn().getName(), this.getName());
         if (name == null) {
-            String idAttribute = config.getGroupConfig().getIdAttribute();
-            Attribute attr = entry.get(idAttribute);
-            if (attr == null) {
-                throw new LdapInvalidAttributeValueException(ResultCodeEnum.CONSTRAINT_VIOLATION,
-                        "no value found for attribute '" + idAttribute + "' for entry " + entry);
-            }
-            name = attr.getString();
+            name = getIdValue(entry, config.getGroupConfig().getIdAttribute());
         }
         String path = config.getGroupConfig().makeDnPath()
                 ? createDNPath(entry.getDn())
@@ -714,7 +702,18 @@ public class LdapIdentityProvider implements ExternalIdentityProvider {
             }
         }
         return group;
+    }
 
+    private String getIdValue(Entry entry, String idAttribute) throws LdapInvalidAttributeValueException {
+        if ("dn".equals(idAttribute)) {
+            return entry.getDn().getName();
+        }
+        Attribute attr = entry.get(idAttribute);
+        if (attr == null) {
+            throw new LdapInvalidAttributeValueException(ResultCodeEnum.CONSTRAINT_VIOLATION,
+                    "no value found for attribute '" + idAttribute + "' for entry " + entry);
+        }
+        return attr.getString();
     }
 
     @Nonnull