diff --git a/app/controllers/institute/members.php b/app/controllers/institute/members.php
index 603aedf777500ed391384ffd2270bdcd6f3b523b..99dd0f8299cd0250b11f001d3b51909b1468b29a 100644
--- a/app/controllers/institute/members.php
+++ b/app/controllers/institute/members.php
@@ -37,6 +37,8 @@ class Institute_MembersController extends AuthenticatedController
         }
 
         if (!Institute::findCurrent()) {
+            $GLOBALS['perm']->check('admin');
+
             require_once 'lib/admin_search.inc.php';
 
             // TODO: We don't seem to need this since admin_search will stop the script