diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/User.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/User.java
index 9e6204ea8..b15a4ace0 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/User.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/User.java
@@ -133,7 +133,7 @@ public void updateUserGroupsWithGroup(Group assignedGroup) {
         // 1) If a UG doesn't match the incoming assignment, move it out of the list and into the old for deletion
         // 2) If it DOES match, update the group object so hibernate doesn't have a cow
         userGroups.forEach(ug -> {
-            if (ug.getGroup().getResourceId().equals(groupId)) {
+            if (ug.getGroup().getResourceId().equals(assignedGroup.getResourceId())) {
                 ug.setGroup(assignedGroup);
                 setWithNewGroup.add(ug);
             } else {
diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/security/controller/UsersControllerIntegrationTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/security/controller/UsersControllerIntegrationTests.groovy
index 68979525d..fdf583211 100644
--- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/security/controller/UsersControllerIntegrationTests.groovy
+++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/security/controller/UsersControllerIntegrationTests.groovy
@@ -249,6 +249,21 @@ class UsersControllerIntegrationTests extends Specification {
                       
         def List<UserGroup> groups = ugRepo.findAllByUser(user)
         groups.size() == 1
+        
+        when: 'Updating user role to admin puts the user in the admin group'
+        user.setRole("ROLE_ADMIN")
+        user.setGroupId("AAA") // Dont care that this is different, ROLE_ADMIN should take precedence
+        def resultUserNewRole = mockMvc.perform(patch("$RESOURCE_URI/$user.username").contentType(MediaType.APPLICATION_JSON)
+            .content(mapper.writeValueAsString(user)).accept(MediaType.APPLICATION_JSON))
+        
+        then:
+        resultUserNewRole.andExpect(status().isOk())
+                      .andExpect(content().contentType(MediaType.APPLICATION_JSON))
+                      .andExpect(jsonPath("\$.groupId").value("admingroup"))
+                      
+        def groupsCheck = ugRepo.findAllByUser(user)
+        groupsCheck.size() == 1
+         
     }
 
     @WithMockUser(value = "admin", roles = ["ADMIN"])