diff --git a/src/acl/AclManager.cc b/src/acl/AclManager.cc
index 23a847e3c8..a10c71661a 100644
--- a/src/acl/AclManager.cc
+++ b/src/acl/AclManager.cc
@@ -106,12 +106,6 @@ const bool AclManager::authorize(int uid, const set<int> &user_groups,
 
     bool auth = false;
 
-    // Only oneadmin, or someone in the oneadmin group can manage acl rules
-    if ( obj_type == AuthRequest::ACL )
-    {
-        return ( uid == 0 || user_groups.count( GroupPool::ONEADMIN_ID ) == 1 );
-    }
-
     // Build masks for request
     long long user_req;
     long long resource_oid_req  = obj_type + AclRule::INDIVIDUAL_ID + obj_id;
diff --git a/src/authm/AuthManager.cc b/src/authm/AuthManager.cc
index f4d68b789d..680c7ca954 100644
--- a/src/authm/AuthManager.cc
+++ b/src/authm/AuthManager.cc
@@ -74,7 +74,7 @@ void AuthRequest::add_auth(Object        ob,
     // Authorize the request for self authorization
     // -------------------------------------------------------------------------
 
-    if ( uid == 0 )
+    if ( uid == 0 || gids.count( GroupPool::ONEADMIN_ID ) == 1 )
     {
         auth = true;
     }