diff --git a/internal/provider/ldap_object_resource.go b/internal/provider/ldap_object_resource.go
index 75f8a2f..46d01ed 100644
--- a/internal/provider/ldap_object_resource.go
+++ b/internal/provider/ldap_object_resource.go
@@ -253,6 +253,14 @@ func (L *LDAPObjectResource) ModifyPlan(ctx context.Context, request resource.Mo
 		// don't ignore any attributes on create and delete
 		return
 	}
+
+	if stateData != nil && planData != nil && stateData.DN != planData.DN {
+		response.Diagnostics.Append(response.Plan.SetAttribute(ctx, path.Root("id"), types.StringUnknown())...)
+		if response.Diagnostics.HasError() {
+			return
+		}
+	}
+
 	var planAttributes map[string][]string
 	response.Diagnostics.Append(planData.Attributes.ElementsAs(ctx, &planAttributes, false)...)
 	var stateAttributes map[string][]string
diff --git a/internal/provider/ldap_object_resource_test.go b/internal/provider/ldap_object_resource_test.go
index b06724c..73ec710 100644
--- a/internal/provider/ldap_object_resource_test.go
+++ b/internal/provider/ldap_object_resource_test.go
@@ -12,7 +12,7 @@ func TestLDAPObjectResource(t *testing.T) {
 		PreCheck:                 func() { testAccPreCheck(t) },
 		ProtoV6ProviderFactories: testAccProtoV6ProviderFactories,
 		Steps: []resource.TestStep{
-			// Create and Read testing
+			// Create test
 			{
 				Config: testCreateConfig,
 				Check: resource.ComposeAggregateTestCheckFunc(
@@ -22,18 +22,21 @@ func TestLDAPObjectResource(t *testing.T) {
 					resource.TestCheckResourceAttr("ldap_object.test", "attributes.userPassword.0", "password"),
 				),
 			},
+			// Update test
 			{
 				Config: testUpdateConfig,
 				Check: resource.ComposeAggregateTestCheckFunc(
 					resource.TestCheckResourceAttr("ldap_object.test", "attributes.sn.0", "test2"),
 				),
 			},
+			// Update an ignored attribute
 			{
 				Config: testUpdateIgnoreConfig,
 				Check: resource.ComposeAggregateTestCheckFunc(
 					resource.TestCheckResourceAttr("ldap_object.test", "attributes.userPassword.0", "password"),
 				),
 			},
+			// Update an ignored attribute which was changed externally
 			{
 				Config:    testUpdateIgnoreConfig,
 				PreConfig: testChangePasswordExternally,
@@ -51,6 +54,25 @@ func TestLDAPObjectResource(t *testing.T) {
 					resource.TestCheckResourceAttr("ldap_object.importtest", "attributes.sn.0", "test"),
 				),
 			},
+			// Update DN
+			{
+				Config:    testUpdateDN,
+				PreConfig: testChangePasswordExternally,
+				Check: resource.ComposeAggregateTestCheckFunc(
+					resource.TestCheckResourceAttr("ldap_object.test", "dn", "cn=test2,dc=example,dc=com"),
+				),
+			},
+			// Test import
+			{
+				Config:        testImport,
+				PreConfig:     testImportPreConfig,
+				ImportState:   true,
+				ImportStateId: "cn=importtest,dc=example,dc=com",
+				ResourceName:  "ldap_object.importtest",
+				Check: resource.ComposeAggregateTestCheckFunc(
+					resource.TestCheckResourceAttr("ldap_object.importtest", "attributes.sn.0", "test"),
+				),
+			},
 		}},
 	)
 }
@@ -113,6 +135,19 @@ resource "ldap_object" "test" {
 }
 `
 
+const testUpdateDN = `
+resource "ldap_object" "test" {
+	dn = "cn=test2,dc=example,dc=com"
+	object_classes = ["person"]
+	attributes = {
+		"cn" = ["test2"]
+		"sn" = ["test2"]
+		"userPassword" = ["password"]
+	}
+	ignore_changes = ["userPassword"]
+}
+`
+
 const testImport = `
 resource "ldap_object" "importtest" {
 }