diff --git a/mcs/class/corlib/System.Security.AccessControl/CommonAcl.cs b/mcs/class/corlib/System.Security.AccessControl/CommonAcl.cs
index 23150a638f185ad4e425141e50bb9d3172893d23..cbeea7f1362ddafa4e1c2ef0967a9cf6b5d94101 100644
--- a/mcs/class/corlib/System.Security.AccessControl/CommonAcl.cs
+++ b/mcs/class/corlib/System.Security.AccessControl/CommonAcl.cs
@@ -136,8 +136,8 @@ namespace System.Security.AccessControl
 			is_canonical = TestCanonicity ();
 			
 			if (IsCanonical) {
-				MergeExplicitAces ();
 				ApplyCanonicalSortToExplicitAces ();
+				MergeExplicitAces ();
 			}
 		}
 		
diff --git a/mcs/class/corlib/Test/System.Security.AccessControl/CommonAclTest.cs b/mcs/class/corlib/Test/System.Security.AccessControl/CommonAclTest.cs
index 2f8bf90066fb59d5d73deb4c806d46c1d2e32a9b..b44193a224db0adacb2ceb6b47f99cb3ffe3d20a 100644
--- a/mcs/class/corlib/Test/System.Security.AccessControl/CommonAclTest.cs
+++ b/mcs/class/corlib/Test/System.Security.AccessControl/CommonAclTest.cs
@@ -154,6 +154,35 @@ namespace MonoTests.System.Security.AccessControl
 			Assert.AreEqual (0, dacl.Count);
 		}
 
+		[Test]
+		public void MergesAfterSortingForMultipleSids ()
+		{
+			SecurityIdentifier adminSid = new SecurityIdentifier
+				(WellKnownSidType.BuiltinAdministratorsSid, null); // S-1-5-32-544
+
+			SecurityIdentifier userSid = new SecurityIdentifier
+				(WellKnownSidType.BuiltinUsersSid, null); // S-1-5-32-545
+
+			RawAcl acl = MakeRawAcl(new GenericAce[] {
+				new CommonAce (AceFlags.None, AceQualifier.AccessDenied, 1, userSid, false, null),
+				new CommonAce (AceFlags.None, AceQualifier.AccessDenied, 2, adminSid, false, null),
+				new CommonAce (AceFlags.None, AceQualifier.AccessDenied, 4, userSid, false, null),
+				new CommonAce (AceFlags.None, AceQualifier.AccessDenied, 8, adminSid, false, null),
+			});
+
+			DiscretionaryAcl dacl = new DiscretionaryAcl (false, false, acl);
+			Assert.IsTrue (dacl.IsCanonical);
+			Assert.AreEqual (2, dacl.Count);
+
+			CommonAce adminAce = (CommonAce)dacl [0];
+			Assert.AreEqual (adminSid, adminAce.SecurityIdentifier);
+			Assert.AreEqual (10, adminAce.AccessMask);
+
+			CommonAce userAce = (CommonAce)dacl [1];
+			Assert.AreEqual (userSid, userAce.SecurityIdentifier);
+			Assert.AreEqual (5, userAce.AccessMask);
+		}
+
 		[Test]
 		public void DetectsNonCanonicalAndDoesNotMerge ()
 		{
diff --git a/mcs/class/corlib/Test/System.Security.AccessControl/ObjectAceTest.cs b/mcs/class/corlib/Test/System.Security.AccessControl/ObjectAceTest.cs
index 73d067f4eb97baad99171b09251abfbcca03083f..fa3d81b46da00e21462b536b9231931ce0c45c31 100644
--- a/mcs/class/corlib/Test/System.Security.AccessControl/ObjectAceTest.cs
+++ b/mcs/class/corlib/Test/System.Security.AccessControl/ObjectAceTest.cs
@@ -11,7 +11,7 @@ using System.Security.AccessControl;
 using System.Security.Principal;
 using NUnit.Framework;
 
-namespace AccessControl
+namespace MonoTests.System.Security.AccessControl
 {
 	[TestFixture]
 	public class ObjectAceTest