diff --git a/hsarback/src/de/hsadmin/mods/dom/DomainModuleImpl.java b/hsarback/src/de/hsadmin/mods/dom/DomainModuleImpl.java
index 9c3e570..c7fa57f 100644
--- a/hsarback/src/de/hsadmin/mods/dom/DomainModuleImpl.java
+++ b/hsarback/src/de/hsadmin/mods/dom/DomainModuleImpl.java
@@ -115,32 +115,31 @@ public class DomainModuleImpl extends AbstractModuleImpl {
 		// Standard domainoptions setzen. TODO: Alle defaults über eigene Klasse aus der Datenbank holen. 
 		UnixUser loginUser = getTransaction().getLoginUser();
 		if (!loginUser.hasHostmasterRole()) {
+			boolean usersDomain = false;
+			boolean otherUserDomain = false;
 			// search for domains superior to dom
 			Query domainQuery = em.createQuery("SELECT d FROM Domains d WHERE d.name = :domainName");
 			String superior = dom.getName();
-			while (superior.contains(".")) {
-				if (dom.isPacDomain()) {
-					break;
-				}
+			while (superior.contains(".") && !usersDomain) {
 				superior = superior.substring(superior.indexOf('.') + 1);
 				domainQuery.setParameter("domainName", superior);
 				List<?> resultList = domainQuery.getResultList();
 				if (resultList.size() > 0) {
 					Domain superDom = (Domain) resultList.get(0);
-					if (superDom.isPacDomain()) {
-						throw new HSAdminException("subdomains to pacdomain " + superDom.getName() + " are not allowed");
-					}
 					if (loginUser.hasPacAdminRoleFor(superDom.getUser().getPac())) {
-						break;	// same pac
-					}
-					if (loginUser.hasCustomerRoleFor(superDom.getUser().getPac().getCustomer())) {
-						break;	// same customer
+						usersDomain = true;		// same pac
+					} else{
+						if (loginUser.hasCustomerRoleFor(superDom.getUser().getPac().getCustomer())) {
+							usersDomain = true;		// same customer
+						} else {
+							otherUserDomain = true;
+						}
 					}
 				}
 			}
-			
-			// TODO war es ein break, dann weitermachen, sonst Exception !
-			
+			if (!usersDomain && otherUserDomain) {
+				throw new AuthorisationException(loginUser, "create", dom);
+			}
 		}
 		Query adminQuery = em.createQuery("SELECT u FROM UnixUsers u WHERE u.name = :adminName");
 		adminQuery.setParameter("adminName", admin.getName());
diff --git a/hsarback/test/de/hsadmin/remote/ContinuousIntegrationTest.java b/hsarback/test/de/hsadmin/remote/ContinuousIntegrationTest.java
index f4b5a38..b93edea 100644
--- a/hsarback/test/de/hsadmin/remote/ContinuousIntegrationTest.java
+++ b/hsarback/test/de/hsadmin/remote/ContinuousIntegrationTest.java
@@ -15,6 +15,7 @@ import org.junit.runners.Suite;
 	UnixUserTest.class,
 	EMailAliasTest.class,
 	DomainTest.class,
+	DomainDeleteTest.class,
 	EMailAddressTest.class,
 	SSLCertDomainTest.class,
 	DatabaseCleanTest.class,
diff --git a/hsarback/test/de/hsadmin/remote/DomainDeleteTest.java b/hsarback/test/de/hsadmin/remote/DomainDeleteTest.java
new file mode 100644
index 0000000..573968a
--- /dev/null
+++ b/hsarback/test/de/hsadmin/remote/DomainDeleteTest.java
@@ -0,0 +1,72 @@
+package de.hsadmin.remote;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.fail;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.xmlrpc.XmlRpcException;
+import org.apache.xmlrpc.client.XmlRpcClient;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+public class DomainDeleteTest {
+
+	private static final String MODULE = "domain";
+	
+	private XmlRpcClient client;
+	private RemoteCASHelper cas;
+
+	@Before
+	public void setUp() throws Exception {
+		client = RemoteTestHelper.getClient();
+		cas = new RemoteCASHelper();
+	}
+
+	@After
+	public void tearDown() throws Exception {
+		client = null;
+		cas = null;
+	}
+
+	@Test
+	public void testDelete() {
+		int count = getDomsCount();
+		String user = "aaa00";
+		String grantingTicketURL = cas.getGrantingTicketURL(user);
+		Map<String, String> whereParams = new HashMap<String, String>();
+		whereParams.put("name", "f6n.de");
+		Object[] params = new Object[] { user, 
+				cas.getServiceTicket(grantingTicketURL, RemoteTestHelper.getBackendURL()), 
+				whereParams };
+		try {
+			Object execute = client.execute(MODULE + ".delete", params);
+			assertNull(execute);
+		} catch (XmlRpcException e) {
+			fail(e.getMessage());
+		}
+		assertEquals(count - 1, getDomsCount());
+	}
+
+	private int getDomsCount() {
+		int count = 0;
+		String user = "aaa00";
+		String grantingTicketURL = cas.getGrantingTicketURL(user);
+		Map<String, String> whereParams = new HashMap<String, String>();
+		Object[] params = new Object[] { user, 
+				cas.getServiceTicket(grantingTicketURL, RemoteTestHelper.getBackendURL()), 
+				whereParams };
+		try {
+			Object execute = client.execute(MODULE + ".search", params);
+			Object[] result = (Object[]) execute;
+			count = result.length;
+		} catch (XmlRpcException e) {
+			fail(e.getMessage());
+		}
+		return count;
+	}
+
+}
diff --git a/hsarback/test/de/hsadmin/remote/DomainTest.java b/hsarback/test/de/hsadmin/remote/DomainTest.java
index 87dd3ec..020f632 100644
--- a/hsarback/test/de/hsadmin/remote/DomainTest.java
+++ b/hsarback/test/de/hsadmin/remote/DomainTest.java
@@ -54,7 +54,7 @@ public class DomainTest {
 		try {
 			Object execute = client.execute(MODULE + ".search", params);
 			Object[] result = (Object[]) execute;
-			assertEquals(2, result.length);
+			assertEquals(3, result.length);
 			for (Object o : result) {
 				if (o instanceof Map<?, ?>) {
 					Map<?, ?> row = (Map<?, ?>) o;
@@ -135,25 +135,6 @@ public class DomainTest {
 		}
 	}
 
-	@Test
-	public void testDelete() {
-		int count = getDomsCount();
-		String user = "aaa00";
-		String grantingTicketURL = cas.getGrantingTicketURL(user);
-		Map<String, String> whereParams = new HashMap<String, String>();
-		whereParams.put("name", "f6n.de");
-		Object[] params = new Object[] { user, 
-				cas.getServiceTicket(grantingTicketURL, RemoteTestHelper.getBackendURL()), 
-				whereParams };
-		try {
-			Object execute = client.execute(MODULE + ".delete", params);
-			assertNull(execute);
-		} catch (XmlRpcException e) {
-			fail(e.getMessage());
-		}
-		assertEquals(count - 1, getDomsCount());
-	}
-
 	@Test
 	public void testDomainOption() {
 		// these tests build upon each other
diff --git a/hsarback/test/de/hsadmin/remote/RemoteTest.java b/hsarback/test/de/hsadmin/remote/RemoteTest.java
index 5b82ce6..11f81d9 100644
--- a/hsarback/test/de/hsadmin/remote/RemoteTest.java
+++ b/hsarback/test/de/hsadmin/remote/RemoteTest.java
@@ -15,6 +15,7 @@ import org.junit.runners.Suite;
 	UnixUserTest.class,
 	EMailAliasTest.class,
 	DomainTest.class,
+	DomainDeleteTest.class,
 	EMailAddressTest.class,
 	DatabaseCleanTest.class,
 	PacMigrationTest.class,