diff --git a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
index aeb81ba6e49d9d3125751103874e40b7e6405d7c..ff2287078c276dc2c49be8035decb3af0953cd30 100755
--- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
+++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
@@ -281,21 +281,25 @@ public class LdapUserDAO extends LdapDAO
         {
             throw new IllegalArgumentException("No user identities");
         }
-        Principal idForLogging = principals.iterator().next();
 
         if (user.posixDetails != null)
         {
             throw new UnsupportedOperationException("Support for users PosixDetails not available");
         }
 
+        Set<X500Principal> x500Principals = user.getIdentities(X500Principal.class);
+        if (x500Principals.isEmpty())
+        {
+            throw new IllegalArgumentException("No user X500Principals found");
+        }
+        X500Principal idForLogging = x500Principals.iterator().next();
+
         // check current users
         for (Principal p : principals)
         {
             checkUsers(p, null, config.getUsersDN());
         }
 
-        Set<X500Principal> x500Principals = user.getIdentities(X500Principal.class);
-
         try
         {
             long numericID = genNextNumericId();
diff --git a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/CreateUserAction.java b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/CreateUserAction.java
index eb82732f72fafb4761a4492c56299f7a6f4ac2db..e983a9caf6133044e4f6e8dfc9f9e6ff42737693 100644
--- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/CreateUserAction.java
+++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/CreateUserAction.java
@@ -70,8 +70,10 @@ package ca.nrc.cadc.ac.server.web.users;
 
 import ca.nrc.cadc.ac.User;
 
+import javax.security.auth.x500.X500Principal;
 import java.io.InputStream;
 import java.security.AccessControlException;
+import java.util.Set;
 
 public class CreateUserAction extends AbstractUserAction
 {
@@ -95,7 +97,12 @@ public class CreateUserAction extends AbstractUserAction
         userPersistence.addUser(user);
 
         syncOut.setCode(201);
-        logUserInfo(user.getHttpPrincipal().getName());
+        Set<X500Principal> x500Principals = user.getIdentities(X500Principal.class);
+        if (!x500Principals.isEmpty())
+        {
+            X500Principal x500Principal = x500Principals.iterator().next();
+            logUserInfo(x500Principal.getName());
+        }
     }
 
 }
diff --git a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/UserActionFactory.java b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/UserActionFactory.java
index b8b28d02fefc415ecf3317a1ba035f08b9a9e603..dc3cdc2505a64ed00c55caa4ade24a5ebd6cc35c 100644
--- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/UserActionFactory.java
+++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/UserActionFactory.java
@@ -258,7 +258,7 @@ public abstract class UserActionFactory
         }
         else
         {
-            throw new IllegalArgumentException("Unregonized userid");
+            throw new IllegalArgumentException("Unrecognized userid");
         }
     }