diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/AbstractServer.java b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/AbstractServer.java
index 4db9e6ccbd30a738a94b1e10c2308b215dc790b9..21af3da8cc46b6a9007fed4c6ca8fdcc3beae782 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/AbstractServer.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/AbstractServer.java
@@ -493,7 +493,12 @@ public abstract class AbstractServer<T> extends AbstractServiceWithLogger<T> imp
                 IRoleAssignmentDAO roleAssignmenDAO = getDAOFactory().getRoleAssignmentDAO();
                 person.setActive(false);
                 person.clearAuthorizationGroups();
-                for (RoleAssignmentPE roleAssignment : person.getRoleAssignments())
+                // Direct iteration over role assignments could lead to a
+                // ConcurrentModificationException because roleAssignmentDAO.deleteRoleAssignment()
+                // will remove the assignment from person.
+                List<RoleAssignmentPE> roleAssignments =
+                        new ArrayList<RoleAssignmentPE>(person.getRoleAssignments());
+                for (RoleAssignmentPE roleAssignment : roleAssignments)
                 {
                     roleAssignmenDAO.deleteRoleAssignment(roleAssignment);
                 }