diff --git a/idm/external-idp.yml b/idm/external-idp.yml
index 4bb53ac..0f18ea9 100644
--- a/idm/external-idp.yml
+++ b/idm/external-idp.yml
@@ -11,7 +11,6 @@ services:
       OC_LDAP_USER_BASE_DN: "ou=users,dc=opencloud,dc=eu"
       OC_LDAP_USER_FILTER: "(objectclass=inetOrgPerson)"
       GRAPH_LDAP_SERVER_UUID: "false"
-      GRAPH_LDAP_GROUP_CREATE_BASE_DN: "ou=custom,ou=groups,dc=opencloud,dc=eu"
       GRAPH_LDAP_REFINT_ENABLED: "true" # osixia has refint enabled.
       FRONTEND_READONLY_USER_ATTRIBUTES: "user.onPremisesSamAccountName,user.displayName,user.mail,user.passwordProfile,user.accountEnabled,user.appRoleAssignments"
       PROXY_OIDC_REWRITE_WELLKNOWN: "true"
diff --git a/testing/ldap-manager.yml b/testing/ldap-manager.yml
index 5626ea0..2374ffe 100644
--- a/testing/ldap-manager.yml
+++ b/testing/ldap-manager.yml
@@ -16,7 +16,7 @@ services:
       - "traefik.enable=true"
       - "traefik.http.routers.ldap-manager.entrypoints=https"
       - "traefik.http.routers.ldap-manager.rule=Host(`${LDAP_MANAGER_DOMAIN:-ldap.opencloud.test}`)"
-      - "traefik.http.routers.ldap-manager.tls.certresolver=letsencrypt"
+      - "traefik.http.routers.ldap-manager.${TRAEFIK_SERVICES_TLS_CONFIG}"
       - "traefik.http.routers.ldap-manager.service=ldap-manager"
       - "traefik.http.services.ldap-manager.loadbalancer.server.port=8080"
     logging: