diff --git a/adduser.php b/adduser.php
index 5909fe1e0d..af7d7c09e2 100755
--- a/adduser.php
+++ b/adduser.php
@@ -5,17 +5,33 @@ include("includes/defaults.inc.php");
 include("config.php");
 include("includes/functions.php");
 
-if($argv[1] && $argv[2] && $argv[3]) {
-  if($argv[4]) {
-   mysql_query("INSERT INTO `users` (`username`,`password`,`level`) VALUES ('".mres($argv[1])."',MD5('".$argv[2]."'),'".mres($argv[3])."'),'".mres($argv[4])."')");
-  } else {
-   mysql_query("INSERT INTO `users` (`username`,`password`,`level`) VALUES ('".mres($argv[1])."',MD5('".$argv[2]."'),'".mres($argv[3])."')");
-  }
-  if(mysql_affected_rows()) {
-    echo("User ".$argv[1]." added successfully\n");
-  }
-} else {
-  echo("Add User Tool\nUsage: ./adduser.php <username> <password> <level 1-10> [email]\n");
-} 
+if (file_exists('html/includes/authentication/' . $config['auth_mechanism'] . '.inc.php'))
+{
+  include('html/includes/authentication/' . $config['auth_mechanism'] . '.inc.php');
+}
+else
+{
+  echo "ERROR: no valid auth_mechanism defined.\n";
+  exit();
+}        
+        
+if (auth_usermanagement())
+{
+  if($argv[1] && $argv[2] && $argv[3]) 
+  {
+    if(adduser($argv[1],$argv[2],$argv[3],$argv[4]))
+    {
+      echo("User ".$argv[1]." added successfully\n");
+    }
+  } 
+  else 
+  {
+    echo("Add User Tool\nUsage: ./adduser.php <username> <password> <level 1-10> [email]\n");
+  } 
+}
+else
+{
+  echo "Auth module does not allow adding users!\n";
+}
 
 ?>
diff --git a/html/includes/authentication/http-auth.inc.php b/html/includes/authentication/http-auth.inc.php
index ce38988f4a..ebed1eb604 100644
--- a/html/includes/authentication/http-auth.inc.php
+++ b/html/includes/authentication/http-auth.inc.php
@@ -34,5 +34,21 @@ function changepassword($username,$newpassword)
   # Not supported
 }
   
+function auth_usermanagement()
+{
+  return 1;
+}
   
+function adduser($username, $password, $level, $email = "", $realname = "")
+{
+  mysql_query("INSERT INTO `users` (`username`,`password`,`level`, `email`, `realname`) VALUES ('".mres($username)."',MD5('".mres($password)."'),'".mres($level)."','".mres($email)."','".mres($realname)."')");
+   
+  return mysql_affected_rows();
+}
+  
+function user_exists($username)
+{
+  return mysql_result(mysql_query("SELECT * FROM users WHERE username = '".mres($username)."'"),0);
+}
+
 ?>
\ No newline at end of file
diff --git a/html/includes/authentication/ldap.inc.php b/html/includes/authentication/ldap.inc.php
index ec103f07f7..6311431405 100644
--- a/html/includes/authentication/ldap.inc.php
+++ b/html/includes/authentication/ldap.inc.php
@@ -43,5 +43,22 @@ function changepassword($username,$newpassword)
 {
   # Not supported (for now)
 }
-    
+
+function auth_usermanagement()
+{
+  return 0;
+}
+
+function adduser($username, $password, $level, $email = "", $realname = "")
+{
+  # Not supported
+  return 0;
+}
+  
+function user_exists($username)
+{
+  return 0; # FIXME to be implemented
+}
+  
+  
 ?>
\ No newline at end of file
diff --git a/html/includes/authentication/mysql.inc.php b/html/includes/authentication/mysql.inc.php
index 24c346b9e6..5d1e589146 100644
--- a/html/includes/authentication/mysql.inc.php
+++ b/html/includes/authentication/mysql.inc.php
@@ -25,4 +25,21 @@ function changepassword($username,$newpassword)
   $query = mysql_query($sql);
 }
 
+function auth_usermanagement()
+{
+  return 1;
+}
+  
+function adduser($username, $password, $level, $email = "", $realname = "")
+{
+  mysql_query("INSERT INTO `users` (`username`,`password`,`level`, `email`, `realname`) VALUES ('".mres($username)."',MD5('".mres($password)."'),'".mres($level)."','".mres($email)."','".mres($realname)."')");
+   
+  return mysql_affected_rows();
+}
+
+function user_exists($username)
+{
+  return mysql_result(mysql_query("SELECT * FROM users WHERE username = '".mres($username)."'"),0);
+}
+  
 ?>
\ No newline at end of file
diff --git a/html/includes/error-no-perm.inc.php b/html/includes/error-no-perm.inc.php
index 8b4a37520e..d486877702 100644
--- a/html/includes/error-no-perm.inc.php
+++ b/html/includes/error-no-perm.inc.php
@@ -23,7 +23,7 @@ echo("<div style='margin:auto; text-align: center; margin-top: 20px; max-width:4
   </div>
   <b class='rounded'>
   <b class='rounded5'></b>
-  <b class='unded4'></b>
+  <b class='rounded4'></b>
   <b class='rounded3'></b>
   <b class='rounded2'></b>
   <b class='rounded1'></b></b>
diff --git a/html/includes/print-menubar.php b/html/includes/print-menubar.php
index c858c8a90d..f8356238f7 100644
--- a/html/includes/print-menubar.php
+++ b/html/includes/print-menubar.php
@@ -214,11 +214,16 @@ echo('        <li><hr /></li>
       echo('
         <li><hr width="140" /></li>
         <li><a href="/statistics/"><img src="images/16/report.png" border="0" align="absmiddle" /> Statistics</a></li>
-        <li><hr width="140" /></li>
-	<li><a href="?page=adduser"><img src="images/16/user_add.png" border="0" align="absmiddle" /> Add User</a></li>
-        <li><a href="?page=deluser"><img src="images/16/user_delete.png" border="0" align="absmiddle" /> Remove User</a></li>
+        <li><hr width="140" /></li>');
+      if (auth_usermanagement())
+      {
+      echo('
+	<li><a href="adduser/"><img src="images/16/user_add.png" border="0" align="absmiddle" /> Add User</a></li>
+        <li><a href="deluser/"><img src="images/16/user_delete.png" border="0" align="absmiddle" /> Remove User</a></li>
         <li><a href="?page=edituser"><img src="images/16/user_edit.png" border="0" align="absmiddle" /> Edit User</a></li>
-        <li><hr width="140" /></li>
+        <li><hr width="140" /></li>');
+      }
+      echo ('
         <li><a href="authlog/"><img src="images/16/lock.png" border="0" align="absmiddle" /> Authlog</a></li>');
     } ?>
     </ul>
diff --git a/html/pages/adduser.php b/html/pages/adduser.php
index e868d9501d..3fd3bce45f 100644
--- a/html/pages/adduser.php
+++ b/html/pages/adduser.php
@@ -2,50 +2,66 @@
 
 echo("<div style='margin: 10px;'>");
 
-if($_SESSION['userlevel'] != '10') { 
+if($_SESSION['userlevel'] != '10') 
+{
   include("includes/error-no-perm.inc.php");
-} else {
-
+} 
+else 
+{
   echo("<h3>Add User</h3>");
 
-  if($_POST['action'] == "add") {
-    if($_POST['new_username'] && $_POST['new_password'] && !mysql_result(mysql_query("SELECT * FROM users WHERE username = '".$_POST['new_username']."'"),0) ) {
-      mysql_query("INSERT INTO `users` (`username`, `realname`, `password`, `level`) VALUES ('" . mres($_POST['new_username']) . "', '" . mres($_POST['new_realname']) . "', MD5('" . mres($_POST['new_password']) . "'), '" . mres($_POST['new_level']) . "')");
-      if(mysql_affected_rows()) { echo("<span class=info>User " . $_POST['username'] . " added!</span>"); }
+  if (auth_usermanagement())
+  {
+    if($_POST['action'] == "add") 
+    { 
+      if($_POST['new_username'])
+      {
+        if (!user_exists($_POST['new_username']))
+        {
+          # FIXME: missing email field here on the form
+          if (adduser($_POST['new_username'], $_POST['new_password'], $_POST['new_level'], '', $_POST['realname']))
+          { 
+            echo("<span class=info>User " . $_POST['username'] . " added!</span>"); 
+          }
+        }
+        else
+        {
+          echo('<div class="red">User with this name already exists!</div>');
+        }
+      }
+      else
+      {
+        echo('<div class="red">Please enter a username!</div>');
+      }
     }
-  }
 
-  echo("<form method='post' action='?page=adduser'>
-          <input type='hidden' value='add' name='action'>");
-
-  echo("Username <input style='margin: 1px;' name='new_username'></input><br />");
-  if($_POST['action'] == "add" && !$_POST['new_username']) {
-    echo("<div class=red>Please enter a username!</div>");
-  } elseif( mysql_result(mysql_query("SELECT * FROM users WHERE username = '".$_POST['new_username']."'"),0)) {
-    echo("<span class=red>User with this name already exists!</span><br />");
-  }
+    echo("<form method='post' action='?page=adduser'> <input type='hidden' value='add' name='action'>");
+    echo("Username <input style='margin: 1px;' name='new_username'></input><br />");
   ?>
   Password <input style='margin: 1px;' name='new_password' id='new_password' type=password  /><br />
   <?php
-  if($_POST['action'] == "add" && !$_POST['new_password']) {
-    echo("<span class=red>Please enter a password!</span><br />");
-  }
-  echo("Realname <input style='margin: 1px;' name='new_realname'></input><br />");
+    if($_POST['action'] == "add" && !$_POST['new_password']) 
+    {
+      echo("<span class=red>Please enter a password!</span><br />");
+    }
+    echo("Realname <input style='margin: 1px;' name='new_realname'></input><br />");
   ?>
   <?php
-  echo("Level <select style='margin: 5px;' name='new_level'>
+    echo("Level <select style='margin: 5px;' name='new_level'>
           <option value='1'>Normal User</option>
           <option value='5'>Global Read</option>
           <option value='10'>Administrator</option>
         </select><br /><br />");
 
-  echo(" <input type='submit' Value='Add' >");
-
-  echo("</form>");
-
+    echo(" <input type='submit' Value='Add' >");
+    echo("</form>");
+  }
+  else
+  {
+    echo('<span class="red">Auth module does not allow user management!</span><br />');
+  }
 }
 
 echo("</div>");
 
 ?>
-
diff --git a/html/pages/deluser.php b/html/pages/deluser.php
index 5c5731285a..441aba7033 100644
--- a/html/pages/deluser.php
+++ b/html/pages/deluser.php
@@ -2,37 +2,46 @@
 
 echo("<div style='margin: 10px;'>");
 
-if($_SESSION['userlevel'] != '10') { include("includes/error-no-perm.inc.php"); } else {
-
+if($_SESSION['userlevel'] != '10') { include("includes/error-no-perm.inc.php"); } else 
+{
   echo("<h3>Delete User</h3>");
 
-  if($_GET['action'] == "del") {
+  if (auth_usermanagement())
+  {
 
-    $delete_username = mysql_result(mysql_query("SELECT username FROM users WHERE user_id = '" . mres($_GET['user_id']) . "'"),0);
+    if($_GET['action'] == "del") 
+    {
+      $delete_username = mysql_result(mysql_query("SELECT username FROM users WHERE user_id = '" . mres($_GET['user_id']) . "'"),0);
 
-    if($_GET['confirm'] == "yes") {
+      if($_GET['confirm'] == "yes") 
+      {
+        mysql_query("DELETE FROM `devices_perms` WHERE `user_id` = '" . mres($_GET['user_id']) . "'");
+        # FIXME v sql query should be replaced by authmodule
+        mysql_query("DELETE FROM `users` WHERE `user_id` = '" . mres($_GET['user_id']) . "'");
 
-      mysql_query("DELETE FROM `devices_perms` WHERE `user_id` = '" . mres($_GET['user_id']) . "'");
-      mysql_query("DELETE FROM `users` WHERE `user_id` = '" . mres($_GET['user_id']) . "'");
-
-      if(mysql_affected_rows()) { echo("<span class=info>User '$delete_username' deleted!</span>"); }
-
-    } else {
-
-      echo("<span class=alert>You have requested deletion of the  user '$delete_username'. This action can not be reversed.<br /><a href='?page=deluser&action=del&user_id=" . $_GET['user_id'] . "&confirm=yes'>Click to confirm</a></span>");
+        if(mysql_affected_rows()) { echo("<span class=info>User '$delete_username' deleted!</span>"); }
 
+      } 
+      else 
+      {
+        echo("<span class=alert>You have requested deletion of the user '$delete_username'. This action can not be reversed.<br /><a href='?page=deluser&action=del&user_id=" . $_GET['user_id'] . "&confirm=yes'>Click to confirm</a></span>");
+      }
     }
 
-  }
+    # FIXME v mysql query should be replaced by authmodule
+    $userlist = mysql_query("SELECT * FROM `users`");
 
-  $userlist = mysql_query("SELECT * FROM `users`");
-
-  while($userentry = mysql_fetch_array($userlist)) {
-    $i++;
-    echo($i . ". " . $userentry['username'] . "
+    while($userentry = mysql_fetch_array($userlist)) 
+    {
+      $i++;
+      echo($i . ". " . $userentry['username'] . "
          <a href='?page=deluser&action=del&user_id=" . $userentry['user_id'] . "'><img src='images/16/cross.png' align=absmiddle border=0></a><br/>");
+    }
+  }
+  else
+  {
+    echo("<span class=red>Auth module does not allow user management!</span><br />");
   }
-
 }
 
 echo("</div>");