diff --git a/pkg/controllers/clusterexternalsecret/clusterexternalsecret_controller.go b/pkg/controllers/clusterexternalsecret/clusterexternalsecret_controller.go
index 961952f96..891ecba71 100644
--- a/pkg/controllers/clusterexternalsecret/clusterexternalsecret_controller.go
+++ b/pkg/controllers/clusterexternalsecret/clusterexternalsecret_controller.go
@@ -102,18 +102,33 @@ func (r *Reconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Resu
 	}
 	if prevName := clusterExternalSecret.Status.ExternalSecretName; prevName != esName {
 		// ExternalSecretName has changed, so remove the old ones
+		failedNamespaces := map[string]error{}
 		for _, ns := range clusterExternalSecret.Status.ProvisionedNamespaces {
 			if err := r.deleteExternalSecret(ctx, prevName, clusterExternalSecret.Name, ns); err != nil {
 				log.Error(err, "could not delete ExternalSecret")
-				return ctrl.Result{}, err
+				failedNamespaces[ns] = err
 			}
 		}
+		if len(failedNamespaces) > 0 {
+			condition := NewClusterExternalSecretCondition(failedNamespaces)
+			SetClusterExternalSecretCondition(&clusterExternalSecret, *condition)
+			clusterExternalSecret.Status.FailedNamespaces = toNamespaceFailures(failedNamespaces)
+			return ctrl.Result{}, err
+		}
 	}
 	clusterExternalSecret.Status.ExternalSecretName = esName
 
 	namespaces, err := r.getTargetNamespaces(ctx, &clusterExternalSecret)
 	if err != nil {
 		log.Error(err, "failed to get target Namespaces")
+		failedNamespaces := map[string]error{
+			"unknown": err,
+		}
+		condition := NewClusterExternalSecretCondition(failedNamespaces)
+		SetClusterExternalSecretCondition(&clusterExternalSecret, *condition)
+
+		clusterExternalSecret.Status.FailedNamespaces = toNamespaceFailures(failedNamespaces)
+
 		return ctrl.Result{}, err
 	}