diff --git a/crates/defguard_core/src/enterprise/directory_sync/mod.rs b/crates/defguard_core/src/enterprise/directory_sync/mod.rs
index 9f56e8f211..be3068d7e2 100644
--- a/crates/defguard_core/src/enterprise/directory_sync/mod.rs
+++ b/crates/defguard_core/src/enterprise/directory_sync/mod.rs
@@ -418,6 +418,18 @@ pub(crate) async fn sync_user_groups_if_configured(
         debug!("Directory sync is disabled, skipping syncing user groups");
         return Ok(());
     }
+    let sync_target = provider
+        .ok_or(DirectorySyncError::NotConfigured)?
+        .directory_sync_target;
+    if !matches!(
+        sync_target,
+        DirectorySyncTarget::All | DirectorySyncTarget::Groups
+    ) {
+        debug!(
+            "Directory sync target is {sync_target}, skipping syncing user groups"
+        );
+        return Ok(());
+    }
 
     match DirectorySyncClient::build(pool).await {
         Ok(mut dir_sync) => {
diff --git a/crates/defguard_core/src/enterprise/directory_sync/tests.rs b/crates/defguard_core/src/enterprise/directory_sync/tests.rs
index 9bac17d281..f964c007de 100644
--- a/crates/defguard_core/src/enterprise/directory_sync/tests.rs
+++ b/crates/defguard_core/src/enterprise/directory_sync/tests.rs
@@ -619,6 +619,36 @@ mod test {
         assert_eq!(user_groups.len(), 0);
     }
 
+    #[sqlx::test]
+    async fn test_sync_user_groups_if_configured_skips_for_users_target(
+        _: PgPoolOptions,
+        options: PgConnectOptions,
+    ) {
+        let pool = setup_pool(options).await;
+
+        let config = DefGuardConfig::new_test_config();
+        let _ = SERVER_CONFIG.set(config.clone());
+        let (wg_tx, _) = broadcast::channel::<GatewayEvent>(16);
+        make_test_provider(
+            &pool,
+            DirectorySyncUserBehavior::Delete,
+            DirectorySyncUserBehavior::Delete,
+            DirectorySyncTarget::Users,
+            false,
+        )
+        .await;
+        let user = make_test_user_and_device("testuser", &pool).await;
+        let user_groups = user.member_of(&pool).await.unwrap();
+        assert_eq!(user_groups.len(), 0);
+
+        sync_user_groups_if_configured(&user, &pool, &wg_tx)
+            .await
+            .unwrap();
+
+        let user_groups = user.member_of(&pool).await.unwrap();
+        assert_eq!(user_groups.len(), 0);
+    }
+
     #[sqlx::test]
     async fn test_sync_target_all(_: PgPoolOptions, options: PgConnectOptions) {
         let pool = setup_pool(options).await;