diff --git a/include/class_acl.inc b/include/class_acl.inc
index 77d7f9bdff1a112875eca508209590ce2996ca42..21c00d93fbc39551751d7c678475c697025268e0 100644
--- a/include/class_acl.inc
+++ b/include/class_acl.inc
@@ -199,11 +199,16 @@ class acl extends plugin
         if ($ldap->count()) {
           $attrs = $ldap->fetch();
           if (in_array_ics('gosaAccount', $attrs['objectClass'])) {
-            $a['U:'.$dn] = $attrs['cn'][0]." [".$attrs['uid'][0]."]";
+            $a['U:'.$dn] = $attrs['cn'][0].' ['.$attrs['uid'][0].']';
+          } elseif (in_array_ics('organizationalRole', $attrs['objectClass'])) {
+            $a['R:'.$dn] = $attrs['cn'][0];
+            if (isset($attrs['description'][0])) {
+              $a['R:'.$dn] .= ' ['.$attrs['description'][0].']';
+            }
           } else {
             $a['G:'.$dn] = $attrs['cn'][0];
             if (isset($attrs['description'][0])) {
-              $a['G:'.$dn] .= " [".$attrs['description'][0]."]";
+              $a['G:'.$dn] .= ' ['.$attrs['description'][0].']';
             }
           }
           /* ... or not */
diff --git a/include/class_userinfo.inc b/include/class_userinfo.inc
index 31e25b6e2bda5f290b65cd3e985029cb6a4561b7..76f4cf310b25a8e9a454b27adb258289e86cb425 100644
--- a/include/class_userinfo.inc
+++ b/include/class_userinfo.inc
@@ -44,6 +44,7 @@ class userinfo
   var $subtreeACL   = array();
   var $ACL          = array();
   var $groups       = array();
+  var $roles        = array();
   var $result_cache = array();
   var $ignoreACL    = FALSE;
 
@@ -105,6 +106,7 @@ class userinfo
   {
     $this->ACL          = array();
     $this->groups       = array();
+    $this->roles        = array();
     $this->result_cache = array();
     $this->reset_acl_cache();
     $ldap = $this->config->get_ldap_link();
@@ -116,6 +118,9 @@ class userinfo
       $this->groups[$attrs['dn']] = $attrs['dn'];
     }
 
+    /* Get member roles... */
+    $this->roles = objects::ls('role', array('dn' => 'raw'), NULL, '(roleOccupant='.$this->dn.')');
+
     /* Crawl through ACLs and move relevant to the tree */
     $ldap->search("(objectClass=gosaACL)", array('dn', 'gosaAclEntry'));
     $aclp = array();
@@ -174,6 +179,11 @@ class userinfo
               $interresting = TRUE;
             }
 
+            /* Some role inside the members that is relevant for us? */
+            if (in_array_ics(@LDAP::convert(preg_replace('/^R:/', '', $grp)), $this->roles)) {
+              $interresting = TRUE;
+            }
+
             /* User inside the members? */
             if (mb_strtoupper(preg_replace('/^U:/', '', $grp)) == mb_strtoupper($this->dn)) {
               $interresting = TRUE;