diff --git a/neon_data_models/models/user/database.py b/neon_data_models/models/user/database.py
index 699c08f..7a96902 100644
--- a/neon_data_models/models/user/database.py
+++ b/neon_data_models/models/user/database.py
@@ -31,7 +31,7 @@
 
 # from neon_data_models.models.api import HanaToken
 from neon_data_models.models.base import BaseModel
-from pydantic import Field
+from pydantic import Field, ConfigDict
 from datetime import date
 
 from neon_data_models.enum import AccessRoles
@@ -126,7 +126,8 @@ class PermissionsConfig(BaseModel):
         description="Defines access to DIANA backend services. "
                     "(i.e. API proxy, email proxy).")
     users: AccessRoles = Field(
-        AccessRoles.NONE, description="Defines access to the users service.")
+        default_factory=lambda: AccessRoles.NONE,
+        description="Defines access to the users service.")
     node: AccessRoles = Field(
         AccessRoles.NONE,
         description="Defines access to the node websocket in HANA.")
@@ -140,6 +141,7 @@ class PermissionsConfig(BaseModel):
 
     class Config:
         use_enum_values = True
+        validate_default = True
 
     @classmethod
     def from_roles(cls, roles: List[str]):
diff --git a/tests/models/test_user.py b/tests/models/test_user.py
index c67c862..c857d17 100644
--- a/tests/models/test_user.py
+++ b/tests/models/test_user.py
@@ -85,6 +85,7 @@ def test_neon_user_config(self):
         self.assertIsInstance(config.user.dob, date)
 
     def test_user(self):
+        from neon_data_models.enum import AccessRoles
         user_kwargs = dict(username="test",
                            password_hash="test",
                            tokens=[{"token_name": "test_token",
@@ -98,6 +99,11 @@ def test_user(self):
                                     "last_refresh_timestamp": round(time())}])
         default_user = User(**user_kwargs)
         self.assertIsInstance(default_user.tokens[0], HanaToken)
+
+        dumped = default_user.model_dump()
+        for perm in dumped['permissions']:
+            self.assertEqual(int, type(dumped['permissions'][perm]), perm)
+            self.assertIsInstance(AccessRoles(dumped['permissions'][perm]), AccessRoles, perm)
         with self.assertRaises(ValidationError):
             User()
 
@@ -124,8 +130,14 @@ def test_permissions_config(self):
                                         node=AccessRoles.NODE,
                                         hub=AccessRoles.NODE,
                                         llm=AccessRoles.NONE)
+
+        # Test dumped enums
+        dumped = test_config.model_dump()
+        for key, value in dumped.items():
+            self.assertEqual(type(value), int, key)
+
         # Test dump/load
-        self.assertEqual(PermissionsConfig(**test_config.model_dump()),
+        self.assertEqual(PermissionsConfig(**dumped),
                          test_config)
 
         # Test to/from roles