diff --git a/src/Core/Services/Implementations/OrganizationService.cs b/src/Core/Services/Implementations/OrganizationService.cs
index c100b6c885..d43e97f0f6 100644
--- a/src/Core/Services/Implementations/OrganizationService.cs
+++ b/src/Core/Services/Implementations/OrganizationService.cs
@@ -543,11 +543,17 @@ namespace Bit.Core.Services
         public async Task<Tuple<Organization, OrganizationUser>> SignUpAsync(
             OrganizationLicense license, User owner, string ownerKey)
         {
-            if(license == null || !_licensingService.VerifyLicense(license) || !license.CanUse(_globalSettings.Installation.Id))
+            if(license == null || !_licensingService.VerifyLicense(license))
             {
                 throw new BadRequestException("Invalid license.");
             }
 
+            if(!license.CanUse(_globalSettings.Installation.Id))
+            {
+                throw new BadRequestException("Invalid license. Make sure your license allows for on-premise " +
+                    "hosting of organizations and that the installation id matches.");
+            }
+
             var plan = StaticStore.Plans.FirstOrDefault(p => p.Type == license.PlanType && !p.Disabled);
             if(plan == null)
             {
@@ -578,7 +584,13 @@ namespace Bit.Core.Services
                 RevisionDate = DateTime.UtcNow
             };
 
-            return await SignUpAsync(organization, owner.Id, ownerKey, false);
+            var result = await SignUpAsync(organization, owner.Id, ownerKey, false);
+
+            var dir = $"{_globalSettings.LicenseDirectory}/organization";
+            Directory.CreateDirectory(dir);
+            File.WriteAllText($"{dir}/{organization.Id}.json", JsonConvert.SerializeObject(license, Formatting.Indented));
+
+            return result;
         }
 
         private async Task<Tuple<Organization, OrganizationUser>> SignUpAsync(Organization organization,
@@ -638,14 +650,15 @@ namespace Bit.Core.Services
                 throw new InvalidOperationException("Licenses require self hosting.");
             }
 
-            if(license == null || !_licensingService.VerifyLicense(license) || !license.CanUse(_globalSettings.Installation.Id))
+            if(license == null || !_licensingService.VerifyLicense(license))
             {
                 throw new BadRequestException("Invalid license.");
             }
 
-            if(!license.SelfHost)
+            if(!license.CanUse(_globalSettings.Installation.Id))
             {
-                throw new BadRequestException("This license does not allow on-premise hosting.");
+                throw new BadRequestException("Invalid license. Make sure your license allows for on-premise " +
+                    "hosting of organizations and that the installation id matches.");
             }
 
             if(license.Seats.HasValue && (!organization.Seats.HasValue || organization.Seats.Value > license.Seats.Value))
@@ -670,7 +683,15 @@ namespace Bit.Core.Services
                 }
             }
 
-            // TODO: groups
+            if(!license.UseGroups && organization.UseGroups)
+            {
+                var groups = await _groupRepository.GetManyByOrganizationIdAsync(organization.Id);
+                if(groups.Count > 0)
+                {
+                    throw new BadRequestException($"Your organization currently has {groups.Count} groups. " +
+                        $"Your new license does not allow for the use of groups. Remove all groups.");
+                }
+            }
 
             var dir = $"{_globalSettings.LicenseDirectory}/organization";
             Directory.CreateDirectory(dir);
diff --git a/src/Core/Services/Implementations/UserService.cs b/src/Core/Services/Implementations/UserService.cs
index 0d758134ad..a3c573a460 100644
--- a/src/Core/Services/Implementations/UserService.cs
+++ b/src/Core/Services/Implementations/UserService.cs
@@ -543,11 +543,16 @@ namespace Bit.Core.Services
             IPaymentService paymentService = null;
             if(_globalSettings.SelfHosted)
             {
-                if(license == null || !_licenseService.VerifyLicense(license) || !license.CanUse(user))
+                if(license == null || !_licenseService.VerifyLicense(license))
                 {
                     throw new BadRequestException("Invalid license.");
                 }
 
+                if(!license.CanUse(user))
+                {
+                    throw new BadRequestException("This license is not valid for this user.");
+                }
+
                 var dir = $"{_globalSettings.LicenseDirectory}/user";
                 Directory.CreateDirectory(dir);
                 File.WriteAllText($"{dir}/{user.Id}.json", JsonConvert.SerializeObject(license, Formatting.Indented));
@@ -608,18 +613,23 @@ namespace Bit.Core.Services
                 throw new InvalidOperationException("Licenses require self hosting.");
             }
 
-            if(license == null || !_licenseService.VerifyLicense(license) || !license.CanUse(user))
+            if(license == null || !_licenseService.VerifyLicense(license))
             {
                 throw new BadRequestException("Invalid license.");
             }
 
+            if(!license.CanUse(user))
+            {
+                throw new BadRequestException("This license is not valid for this user.");
+            }
+
             var dir = $"{_globalSettings.LicenseDirectory}/user";
             Directory.CreateDirectory(dir);
             File.WriteAllText($"{dir}/{user.Id}.json", JsonConvert.SerializeObject(license, Formatting.Indented));
 
-            user.Premium = true;
+            user.Premium = license.Premium;
             user.RevisionDate = DateTime.UtcNow;
-            user.MaxStorageGb = 10240; // 10 TB
+            user.MaxStorageGb = _globalSettings.SelfHosted ? 10240 : license.MaxStorageGb; // 10 TB
             user.LicenseKey = license.LicenseKey;
             user.PremiumExpirationDate = license.Expires;
             await SaveUserAsync(user);