diff --git a/src/routes/test/users-test.js b/src/routes/test/users-test.js
index cced42b17..eb2d0f60c 100644
--- a/src/routes/test/users-test.js
+++ b/src/routes/test/users-test.js
@@ -389,7 +389,7 @@ describe('Users API', function () {
             });
     });
 
-    it('remove second user from admins succeeds', function (done) {
+    it('remove second user from group succeeds', function (done) {
         superagent.put(SERVER_URL + '/api/v1/users/' + user_1.id + '/groups')
             .query({ access_token: token })
             .send({ groupIds: [ groupObject.id ] })
@@ -407,6 +407,16 @@ describe('Users API', function () {
             });
     });
 
+    it('remove second user as admin succeeds', function (done) {
+        superagent.post(SERVER_URL + '/api/v1/users/' + user_1.id)
+            .query({ access_token: token })
+            .send({ admin: false })
+            .end(function (err, res) {
+                expect(res.statusCode).to.equal(204);
+                done();
+            });
+    });
+
     it('create user missing username succeeds', function (done) {
         superagent.post(SERVER_URL + '/api/v1/users')
             .query({ access_token: token })
@@ -491,7 +501,7 @@ describe('Users API', function () {
             });
     });
 
-    xit('list users fails for normal user', function (done) {
+    it('list users fails for normal user', function (done) {
         superagent.get(SERVER_URL + '/api/v1/users')
             .query({ access_token: token_1 })
             .end(function (error, res) {
diff --git a/src/test/users-test.js b/src/test/users-test.js
index b8dd22d87..7b411bd6e 100644
--- a/src/test/users-test.js
+++ b/src/test/users-test.js
@@ -743,7 +743,8 @@ describe('User', function () {
         var user1 = {
             username: 'seconduser',
             password: 'ASDFkljsf#$^%2354',
-            email: 'some@thi.ng'
+            email: 'some@thi.ng',
+            admin: false
         };
 
         it('make second user admin does not send mail to action performer', function (done) {
@@ -758,6 +759,7 @@ describe('User', function () {
                 users.update(user1, { admin: true }, AUDIT_SOURCE, function (error) {
                     expect(error).to.not.be.ok();
 
+                    user1.admin = true;
                     // no emails should be sent out anymore, since the user performing the action does not get a notification anymore
                     checkMails(0, done);
                 });
@@ -768,6 +770,7 @@ describe('User', function () {
             users.update(user1, { admin: false }, AUDIT_SOURCE, function (error) {
                 expect(error).to.eql(null);
 
+                user1.admin = false;
                 // no emails should be sent out anymore, since the user performing the action does not get a notification anymore
                 checkMails(0, done);
             });
@@ -777,14 +780,16 @@ describe('User', function () {
             users.update(user1, { admin: true }, { ip: '1.2.3.4', userId: 'someuserid' }, function (error) {
                 expect(error).to.not.be.ok();
 
+                user1.admin = true;
                 checkMails(1, done);
             });
         });
 
-        xit('succeeds to remove admin flag does send mail to other admins', function (done) {
+        it('succeeds to remove admin flag does send mail to other admins', function (done) {
             users.update(user1, { admin: false }, { ip: '1.2.3.4', userId: 'someuserid' }, function (error) {
                 expect(error).to.eql(null);
 
+                user1.admin = false;
                 checkMails(1, done);
             });
         });
@@ -807,7 +812,8 @@ describe('User', function () {
             var user1 = {
                 username: 'seconduser',
                 password: 'Adfasdkjf#$%43',
-                email: 'some@thi.ng'
+                email: 'some@thi.ng',
+                admin: false
             };
 
             var invitor = { username: USERNAME, email: EMAIL };
diff --git a/src/users.js b/src/users.js
index 86346d0c1..f2bd41a20 100644
--- a/src/users.js
+++ b/src/users.js
@@ -443,18 +443,16 @@ function updateUser(user, data, auditSource, callback) {
     userdb.update(user.id, data, function (error) {
         if (error) return callback(error);
 
-        get(user.id, function (error, result) {
-            if (error) return callback(error);
+        const newUser = _.extend({}, user, data);
 
-            eventlog.add(eventlog.ACTION_USER_UPDATE, auditSource, {
-                userId: user.id,
-                user: removePrivateFields(result),
-                adminStatusChanged: ((result.admin && !user.admin) || (!result.admin && user.admin)),
-                activeStatusChanged: ((result.active && !user.active) || (!result.active && user.active))
-            });
-
-            callback(null);
+        eventlog.add(eventlog.ACTION_USER_UPDATE, auditSource, {
+            userId: user.id,
+            user: removePrivateFields(newUser),
+            adminStatusChanged: ((newUser.admin && !user.admin) || (!newUser.admin && user.admin)),
+            activeStatusChanged: ((newUser.active && !user.active) || (!newUser.active && user.active))
         });
+
+        callback(null);
     });
 }