diff --git a/src/main/java/info/magnolia/module/forum/DefaultForumManager.java b/src/main/java/info/magnolia/module/forum/DefaultForumManager.java
index 315edea..7ea3d26 100644
--- a/src/main/java/info/magnolia/module/forum/DefaultForumManager.java
+++ b/src/main/java/info/magnolia/module/forum/DefaultForumManager.java
@@ -54,6 +54,7 @@
 import java.text.MessageFormat;
 import java.util.Calendar;
 import java.util.Collection;
+import java.util.Iterator;
 import javax.jcr.RepositoryException;
 import javax.jcr.query.Query;
@@ -279,7 +280,17 @@
 @Override
 public void isModerator() throws AccessDeniedException{
 User currentUser = MgnlContext.getUser();
- if (!currentUser.hasRole(ROLE_FORUM_ALL_MODERATOR) && !currentUser.hasRole(ROLE_FORUM_ALL_ADMIN)) {
+ boolean hasRole = false;
+ // Needs to use getAllRoles() instead of .hasRole() because .hasRole() will only check for the roles directly attached to the user, but not the ones inherited from the group.
+ // As roles can not directly be attached to a AD user, it is crucial to be able to define it over its group.
+ Collection allRoles = currentUser.getAllRoles();
+ for (Iterator iterator = allRoles.iterator(); iterator.hasNext();) {
+ String roleName = iterator.next();
+ if (roleName.equals(ROLE_FORUM_ALL_MODERATOR) || roleName.equals(ROLE_FORUM_ALL_ADMIN)) {
+ hasRole = true;
+ }
+ }
+
+ if (!hasRole) {
 throw new AccessDeniedException("User not allowed to perform that action.");
 }
 }
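Review bot: The role scan added to isModerator() is a hand-rolled loop over an untyped `Collection`/`Iterator` (as rendered here; the type parameters may have been lost in extraction), which makes an access-control decision harder to audit than it needs to be. Only membership matters, so `Collection<String> allRoles = currentUser.getAllRoles();` followed by `if (!allRoles.contains(ROLE_FORUM_ALL_MODERATOR) && !allRoles.contains(ROLE_FORUM_ALL_ADMIN)) {` keeps the same fail-closed behaviour. That form also drops the flag, the loop and the new `java.util.Iterator` import from the first hunk. It is also worth checking whether other permission checks in this class, outside the hunk, still call `hasRole()` directly, since by the reasoning in the new comment they would keep ignoring group-inherited roles.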