diff --git a/dashboard/src/components/UserDialog.vue b/dashboard/src/components/UserDialog.vue
index 97f3a9631..7ade5e611 100644
--- a/dashboard/src/components/UserDialog.vue
+++ b/dashboard/src/components/UserDialog.vue
@@ -37,6 +37,7 @@ const allGroups = ref([]);
 const allLocalGroups = ref([]);
 const active = ref(true);
 const sendInvite = ref(false);
+const isSelf = ref(false);
 
 async function onSubmit() {
   busy.value = true;
@@ -49,66 +50,76 @@ async function onSubmit() {
     role: role.value
   };
 
+  let userId = user.value ? user.value.id : null;
+
   // can only be set not updated
   if (!user.value) data.username = username.value || null;
 
-  let error, result;
-  if (user.value) [error, result] = await usersModel.update(user.value.id, data);
-  else [error, result] = await usersModel.add(data);
-  if (error) {
-    const message = error.body ? error.body.message : '';
-    if (error.status === 409) {
-      if (message.toLowerCase().indexOf('email') !== -1) {
-        formError.value.email = 'Email already taken';
-      } else if (message.toLowerCase().indexOf('username') !== -1 || message.toLowerCase().indexOf('mailbox') !== -1) {
-        formError.value.username = 'Username already taken';
+  if (!user.value.source) {
+    let error, result;
+    if (user.value) [error, result] = await usersModel.update(user.value.id, data);
+    else [error, result] = await usersModel.add(data);
+    if (error) {
+      const message = error.body ? error.body.message : '';
+      if (error.status === 409) {
+        if (message.toLowerCase().indexOf('email') !== -1) {
+          formError.value.email = 'Email already taken';
+        } else if (message.toLowerCase().indexOf('username') !== -1 || message.toLowerCase().indexOf('mailbox') !== -1) {
+          formError.value.username = 'Username already taken';
+        } else {
+          // should not happen!!
+          console.error(message);
+        }
+      } else if (error.status === 400) {
+        if (message.toLowerCase().indexOf('email') !== -1) {
+          formError.value.email = 'Invalid Email';
+          formError.value.emailAttempted = email.value;
+        } else if (message.toLowerCase().indexOf('username') !== -1) {
+          formError.value.username = message;
+        } else {
+          // should not happen!!
+          console.error(error);
+        }
       } else {
-        // should not happen!!
-        console.error(message);
-      }
-    } else if (error.status === 400) {
-      if (message.toLowerCase().indexOf('email') !== -1) {
-        formError.value.email = 'Invalid Email';
-        formError.value.emailAttempted = email.value;
-      } else if (message.toLowerCase().indexOf('username') !== -1) {
-        formError.value.username = message;
-      } else {
-        // should not happen!!
         console.error(error);
       }
-    } else {
-      console.error(error);
+      busy.value = false;
+      return;
     }
-    busy.value = false;
-    return;
+
+    userId = result.id;
   }
 
-  const userId = user.value ? user.value.id : result.id;
-
-  // TODO edit does not support role setting for some reason
-  if (user.value) {
+  // for some reason only user adding supports role setting directly, but not user edit, so we have to do this separately
+  if (user.value && profile.value.id !== userId) {
     const [error] = await usersModel.setRole(userId, role.value);
     if (error) {
+      formError.value.role = error.body ? error.body.message : 'Internal error';
       busy.value = false;
       return console.error(error);
     }
   }
 
-  const [activeError] = await usersModel.setActive(userId, active.value);
-  if (activeError) {
-    busy.value = false;
-    return console.error(error);
+  if (profile.value.id !== userId) {
+    const [error] = await usersModel.setActive(userId, active.value);
+    if (error) {
+      formError.value.generic = error.body ? error.body.message : 'Internal error';
+      busy.value = false;
+      return console.error(error);
+    }
   }
 
   const [groupError] = await usersModel.setLocalGroups(userId, localGroups.value);
   if (groupError) {
+    formError.value.generic = groupError.body ? groupError.body.message : 'Internal error';
     busy.value = false;
-    return console.error(error);
+    return console.error(groupError);
   }
 
   if (sendInvite.value) {
     const [error] = await usersModel.sendInviteEmail(userId, email.value);
     if (error) {
+      formError.value.generic = error.body ? error.body.message : 'Internal error';
       busy.value = false;
       return console.error(error);
     }
@@ -143,13 +154,14 @@ defineExpose({
     [error, result] = await profileModel.get();
     if (error) return console.error(error);
     profile.value = result;
+    isSelf.value = u.id === profile.value.id;
 
     roles.value = [
       { id: ROLES.USER, name: t('users.role.user'), disabled: false },
       { id: ROLES.USER_MANAGER, name: t('users.role.usermanager'), disabled: false },
       { id: ROLES.MAIL_MANAGER, name: t('users.role.mailmanager'), disabled: false },
       { id: ROLES.ADMIN, name: t('users.role.admin'), disabled: !profile.value.isAtLeastAdmin },
-      { id: ROLES.OWNER, name: t('users.role.owner'), disabled: !profile.value.isAtLeastOwner }
+      { id: ROLES.OWNER, name: t('users.role.owner'), disabled: !profile.value.isAtLeastOwner },
     ];
 
     dialog.value.open();
@@ -170,6 +182,8 @@ defineExpose({
   >
     <p class="text-warning" v-if="user && user.source">{{ $t('users.editUserDialog.externalLdapWarning') }}</p>
 
+    <div class="text-danger" v-if="formError.generic">{{ formError.generic }}</div>
+
     <form @submit.prevent="onSubmit()" autocomplete="off">
       <fieldset :disabled="busy">
         <input type="submit" style="display: none;" />
@@ -180,8 +194,9 @@ defineExpose({
         </FormGroup>
 
         <FormGroup>
-          <label for="emailInput">{{ $t('users.user.primaryEmail') }} <sup><a href="https://docs.cloudron.io/profile/#primary-email" class="help" target="_blank"><i class="fa fa-question-circle"></i></a></sup></label>
+          <label for="emailInput" :has-error="formError.email">{{ $t('users.user.primaryEmail') }} <sup><a href="https://docs.cloudron.io/profile/#primary-email" class="help" target="_blank"><i class="fa fa-question-circle"></i></a></sup></label>
           <TextInput id="emailInput" v-model="email" :disabled="(user && user.source) ? true : null" required />
+          <div class="text-danger" v-if="formError.email">{{ formError.email }}</div>
         </FormGroup>
 
         <FormGroup>
@@ -189,14 +204,16 @@ defineExpose({
           <TextInput id="fallbackEmailInput" v-model="fallbackEmail" :placeholder="$t('users.user.fallbackEmailPlaceholder')" />
         </FormGroup>
 
-        <FormGroup v-if="!user">
+        <FormGroup v-if="!user" :has-error="formError.username">
           <label for="usernameInput">{{ $t('users.user.username') }}</label>
           <TextInput id="usernameInput" v-model="username" :placeholder="profileLocked ? '' : $t('users.user.usernamePlaceholder')" />
+          <div class="text-danger" v-if="formError.username">{{ formError.username }}</div>
         </FormGroup>
 
-        <FormGroup v-if="profile.isAtLeastAdmin">
+        <FormGroup v-if="profile.isAtLeastAdmin" :has-error="formError.role">
           <label for="roleInput">{{ $t('users.user.role') }} <sup><a href="https://docs.cloudron.io/user-management/#roles" class="help" target="_blank"><i class="fa fa-question-circle"></i></a></sup></label>
-          <SingleSelect id="roleInput" v-model="role" :options="roles" option-key="id" option-label="name" />
+          <SingleSelect id="roleInput" v-model="role" :options="roles" option-key="id" option-label="name" :disabled="isSelf"/>
+          <div class="text-danger" v-if="formError.role">{{ formError.role }}</div>
         </FormGroup>
 
         <!-- local groups. they can have local and external users -->
@@ -206,7 +223,7 @@ defineExpose({
           <MultiSelect v-if="allLocalGroups.length" v-model="localGroups" :options="allLocalGroups" />
         </FormGroup>
 
-        <Checkbox v-model="active" :label="$t('users.user.activeCheckbox')" /><sup><a href="https://docs.cloudron.io/user-management/#disable-user" class="help" target="_blank"><i class="fa fa-question-circle"></i></a></sup><br/>
+        <Checkbox v-model="active" :disabled="isSelf" :label="$t('users.user.activeCheckbox')" /><sup><a href="https://docs.cloudron.io/user-management/#disable-user" class="help" target="_blank"><i class="fa fa-question-circle"></i></a></sup><br/>
         <Checkbox v-if="!user" v-model="sendInvite" :label="$t('users.addUserDialog.sendInviteCheckbox')" />
       </fieldset>
     </form>