diff --git a/packages/wekan-ldap/server/syncUser.js b/packages/wekan-ldap/server/syncUser.js
index 763ea836d..a05ab4f0a 100644
--- a/packages/wekan-ldap/server/syncUser.js
+++ b/packages/wekan-ldap/server/syncUser.js
@@ -8,10 +8,9 @@ Meteor.methods({
 throw new Meteor.Error('error-invalid-user', 'Invalid user', { method: 'ldap_sync_users' });
 }
- //TODO: This needs to be fixed - security issue -> alanning:meteor-roles
- //if (!RocketChat.authz.hasRole(user._id, 'admin')) {
- // throw new Meteor.Error('error-not-authorized', 'Not authorized', { method: 'ldap_sync_users' });
- //}
+ if (!user.isAdmin) {
+ throw new Meteor.Error('error-not-authorized', 'Not authorized', { method: 'ldap_sync_users' });
+ }
 if (LDAP.settings_get('LDAP_ENABLE') !== true) {
 throw new Meteor.Error('LDAP_disabled');
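Review bot: The restored guard `if (!user.isAdmin) {` passes on any truthy value, while the very next check in this method compares strictly (`!== true`); writing it as `if (user.isAdmin !== true) {` would fail closed if the field ever holds a non-boolean. The hunk does not show where `user` is assigned, so confirm it is loaded server-side for the calling session (for example via `Meteor.user()`) and never taken from method arguments, since this field now alone gates the LDAP sync. The removed lines were a commented-out authorization check, so any sibling method in this `Meteor.methods` block that still carries the same commented-out guard would presumably need the same fix. The method body starts and ends outside the hunk.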