diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/activeconnection/ActiveConnectionPermissionService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/activeconnection/ActiveConnectionPermissionService.java
index 123a32069..cb29c5acb 100644
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/activeconnection/ActiveConnectionPermissionService.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/activeconnection/ActiveConnectionPermissionService.java
@@ -97,7 +97,7 @@ public class ActiveConnectionPermissionService
                 permissions.add(new ObjectPermission(ObjectPermission.Type.READ, identifier));
 
                 // If we're an admin, or the connection is ours, then we can DELETE
-                if (isAdmin || targetUser.getIdentifier().equals(record.getUsername()))
+                if (isAdmin || (targetEntity.isUser() && targetEntity.getIdentifier().equals(record.getUsername())))
                     permissions.add(new ObjectPermission(ObjectPermission.Type.DELETE, identifier));
 
             }