diff --git a/lib/GroupManager.php b/lib/GroupManager.php
index 63948fa14..c862e38e6 100644
--- a/lib/GroupManager.php
+++ b/lib/GroupManager.php
@@ -70,6 +70,7 @@ public function __construct(
 private function getGroupsToRemove(array $samlGroupNames, array $assignedGroups): array {
 $groupsToRemove = [];
 foreach ($assignedGroups as $group) {
+ \OCP\Log\logger('user_saml')->debug('Checking group {group} for removal', ['group' => $group->getGID()]);
 // if group is not supplied by SAML and group has SAML backend
 if (!in_array($group->getGID(), $samlGroupNames) && $this->hasSamlBackend($group)) {
 $groupsToRemove[] = $group->getGID();
@@ -88,6 +89,7 @@ private function getGroupsToRemove(array $samlGroupNames, array $assignedGroups)
 private function getGroupsToAdd(array $samlGroupNames, array $assignedGroupIds): array {
 $groupsToAdd = [];
 foreach ($samlGroupNames as $groupName) {
+ \OCP\Log\logger('user_saml')->debug('Checking group {group} for addition', ['group' => $groupName]);
 $group = $this->groupManager->get($groupName);
 // if user is not assigned to the group or the provided group has a non SAML backend
 if (!in_array($groupName, $assignedGroupIds) || !$this->hasSamlBackend($group)) {
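Review bot: The added debug call inside the `foreach` of getGroupsToRemove resolves the logger through `\OCP\Log\logger('user_saml')` on every iteration; the same pattern is added in getGroupsToAdd in the next hunk and twice in mayModifyGroup. Fetch it once before the loop with `$logger = \OCP\Log\logger('user_saml');` and call `$logger->debug(...)` inside, or reuse an injected logger if the class already holds one (the constructor is outside this hunk, so that is not visible here). The message records that a group was checked but not whether it was queued for removal; since this loop decides which memberships get revoked, logging the outcome would be the more useful line when reconstructing a membership change. The function body continues past the end of the hunk.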
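Review bot: `$groupName` in the added debug line of getGroupsToAdd is taken from `$samlGroupNames`, which by its name comes from the SAML assertion, and it is written to the log before `$this->groupManager->get($groupName)` has confirmed that such a group exists. Passing it as context for the `{group}` placeholder rather than concatenating it into the message is the right form. What is missing is a comment saying where these names are validated, for example `// $groupName is IdP-supplied; validated in <caller> (confirm)`. If nothing upstream bounds the value, truncating it before logging would keep an oversized attribute out of the log. The body of getGroupsToAdd continues outside the hunk.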
@@ -286,11 +288,17 @@ protected function hasGroupForeignMembers(IGroup $group): bool {
 * allowed only for groups owned by the SAML backend.
 */
 protected function mayModifyGroup(?IGroup $group): bool {
- return
+ $isInTransitionList =
 $group !== null
 && $group->getGID() !== 'admin'
 && in_array('Database', $group->getBackendNames())
- && $this->isGroupInTransitionList($group->getGID())
- && !$this->hasGroupForeignMembers($group);
+ && $this->isGroupInTransitionList($group->getGID());
+
+ if ($isInTransitionList) {
+ \OCP\Log\logger('user_saml')->debug('Checking group {group} for foreign members', ['group' => $group->getGID()]);
+ $hasOnlySamlUsers = !$this->hasGroupForeignMembers($group);
+ \OCP\Log\logger('user_saml')->debug('Completed checking group {group} for foreign members', ['group' => $group->getGID()]);
+ }
+ return $isInTransitionList && $hasOnlySamlUsers;
 }
 }
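Review bot: `$hasOnlySamlUsers` is assigned only inside `if ($isInTransitionList)`, so the final `return $isInTransitionList && $hasOnlySamlUsers;` relies on short-circuit evaluation to avoid reading an undefined variable. It behaves correctly as written, but mayModifyGroup is the gate on whether a group may be modified, so it should deny explicitly: add `$hasOnlySamlUsers = false;` before the `if`, or return early with `if (!$isInTransitionList) { return false; }`. Static analysis will likely also flag `$group->getGID()` inside the `if` as a possible null dereference, because the `$group !== null` check is hidden behind the boolean. The two debug calls appear to bracket hasGroupForeignMembers() to expose how long it takes; if they are temporary diagnostics, a comment saying so would help.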