diff --git a/core/includes/session.inc b/core/includes/session.inc
index 40e495f..9535606 100644
--- a/core/includes/session.inc
+++ b/core/includes/session.inc
@@ -113,10 +113,10 @@ function _drupal_session_read($sid) {
   // We found the client's session record and they are an authenticated,
   // active user.
   if ($values && $values['uid'] > 0 && $values['status'] == 1) {
-    $user = new UserSession($values);
     // Add roles element to $user.
-    $rids = db_query("SELECT ur.rid FROM {users_roles} ur WHERE ur.uid = :uid", array(':uid' => $user->uid))->fetchCol();
-    $user->roles = array_merge(array(DRUPAL_AUTHENTICATED_RID), $rids);
+    $rids = Drupal::entityManager()->getStorageController('user')->getUserRoles(array($values['uid']));
+    $values['roles'] = $rids[$values['uid']];
+    $user = new UserSession($values);
   }
   elseif ($user) {
     // The user is anonymous or blocked. Only preserve two fields from the
diff --git a/core/modules/user/lib/Drupal/user/Plugin/views/field/Roles.php b/core/modules/user/lib/Drupal/user/Plugin/views/field/Roles.php
index 22c2819..d3a1e97 100644
--- a/core/modules/user/lib/Drupal/user/Plugin/views/field/Roles.php
+++ b/core/modules/user/lib/Drupal/user/Plugin/views/field/Roles.php
@@ -9,6 +9,7 @@
 
 use Drupal\Component\Annotation\PluginID;
 use Drupal\Core\Database\Connection;
+use Drupal\user\UserStorageControllerInterface;
 use Drupal\views\Plugin\views\display\DisplayPluginBase;
 use Drupal\views\ViewExecutable;
 use Drupal\views\Plugin\views\field\PrerenderList;
@@ -26,9 +27,9 @@ class Roles extends PrerenderList {
   /**
    * Database Service Object.
    *
-   * @var \Drupal\Core\Database\Connection
+   * @var \Drupal\user\UserStorageControllerInterface
    */
-  protected $database;
+  protected $storageController;
 
   /**
    * Constructs a Drupal\Component\Plugin\PluginBase object.
@@ -42,17 +43,17 @@ class Roles extends PrerenderList {
    * @param \Drupal\Core\Database\Connection $database
    *   Database Service Object.
    */
-  public function __construct(array $configuration, $plugin_id, array $plugin_definition, Connection $database) {
+  public function __construct(array $configuration, $plugin_id, array $plugin_definition, UserStorageControllerInterface $storage_controller) {
     parent::__construct($configuration, $plugin_id, $plugin_definition);
 
-    $this->database = $database;
+    $this->storageController = $storage_controller;
   }
 
   /**
    * {@inheritdoc}
    */
   public static function create(ContainerInterface $container, array $configuration, $plugin_id, array $plugin_definition) {
-    return new static($configuration, $plugin_id, $plugin_definition, $container->get('database'));
+    return new static($configuration, $plugin_id, $plugin_definition, $container->get('plugin.manager.entity')->getStorageController('user'));
   }
 
   /**
@@ -79,10 +80,15 @@ public function preRender(&$values) {
 
     if ($uids) {
       $roles = user_roles();
-      $result = $this->database->query('SELECT u.uid, u.rid FROM {users_roles} u WHERE u.uid IN (:uids) AND u.rid IN (:rids)', array(':uids' => $uids, ':rids' => array_keys($roles)));
-      foreach ($result as $role) {
-        $this->items[$role->uid][$role->rid]['role'] = check_plain($roles[$role->rid]->label());
-        $this->items[$role->uid][$role->rid]['rid'] = $role->rid;
+      $users_rids = $this->storageController->getUserRoles($uids);
+      foreach ($users_rids as $uid => $rids) {
+        foreach ($rids as $rid) {
+          // Don't list anonymous/authenticated user roles.
+          if (!in_array($rid, array(DRUPAL_AUTHENTICATED_RID, DRUPAL_ANONYMOUS_RID))) {
+            $this->items[$uid][$rid]['role'] = check_plain($roles[$rid]->label());
+            $this->items[$uid][$rid]['rid'] = $rid;
+          }
+        }
       }
       // Sort the roles for each user by role weight.
       $ordered_roles = array_flip(array_keys($roles));
diff --git a/core/modules/user/lib/Drupal/user/UserStorageController.php b/core/modules/user/lib/Drupal/user/UserStorageController.php
index 8b4653c..844f301 100644
--- a/core/modules/user/lib/Drupal/user/UserStorageController.php
+++ b/core/modules/user/lib/Drupal/user/UserStorageController.php
@@ -75,18 +75,10 @@ public static function createInstance(ContainerInterface $container, $entity_typ
    * Overrides Drupal\Core\Entity\DatabaseStorageController::attachLoad().
    */
   function attachLoad(&$queried_users, $load_revision = FALSE) {
-    foreach ($queried_users as $key => $record) {
-      $queried_users[$key]->roles = array();
-      if ($record->uid) {
-        $queried_users[$record->uid]->roles[] = DRUPAL_AUTHENTICATED_RID;
-      }
-      else {
-        $queried_users[$record->uid]->roles[] = DRUPAL_ANONYMOUS_RID;
-      }
-    }
-
     // Add any additional roles from the database.
-    $this->addRoles($queried_users);
+    foreach ($this->getUserRoles(array_keys($queried_users)) as $uid => $rids) {
+      $queried_users[$uid]->roles = $rids;
+    }
 
     // Call the default attachLoad() method. This will add fields and call
     // hook_user_load().
@@ -135,16 +127,6 @@ public function saveRoles(EntityInterface $user) {
   /**
    * {@inheritdoc}
    */
-  public function addRoles(array $users) {
-    $result = db_query('SELECT rid, uid FROM {users_roles} WHERE uid IN (:uids)', array(':uids' => array_keys($users)));
-    foreach ($result as $record) {
-      $users[$record->uid]->roles[] = $record->rid;
-    }
-  }
-
-  /**
-   * {@inheritdoc}
-   */
   public function deleteUserRoles(array $uids) {
     $this->database->delete('users_roles')
       ->condition('uid', $uids)
@@ -174,6 +156,27 @@ protected function invokeHook($hook, EntityInterface $entity) {
   /**
    * {@inheritdoc}
    */
+  public function getUserRoles(array $uids) {
+    $users = array();
+    foreach ($uids as $uid) {
+      $users[$uid] = array();
+      if ($uid) {
+        $users[$uid] = array(DRUPAL_AUTHENTICATED_RID);
+      }
+      else {
+        $users[$uid] = array(DRUPAL_ANONYMOUS_RID);
+      }
+    }
+    $result = $this->database->query('SELECT rid, uid FROM {users_roles} WHERE uid IN (:uids)', array(':uids' => array_keys($users)));
+    foreach ($result as $record) {
+      $users[$record->uid][] = $record->rid;
+    }
+    return $users;
+  }
+
+  /**
+   * {@inheritdoc}
+   */
   public function baseFieldDefinitions() {
     $properties['uid'] = array(
       'label' => t('User ID'),
diff --git a/core/modules/user/lib/Drupal/user/UserStorageControllerInterface.php b/core/modules/user/lib/Drupal/user/UserStorageControllerInterface.php
index 8768869..5677d65 100644
--- a/core/modules/user/lib/Drupal/user/UserStorageControllerInterface.php
+++ b/core/modules/user/lib/Drupal/user/UserStorageControllerInterface.php
@@ -16,13 +16,6 @@
 interface UserStorageControllerInterface extends EntityStorageControllerInterface {
 
   /**
-   * Add any roles from the storage to the user.
-   *
-   * @param array $users
-   */
-  public function addRoles(array $users);
-
-  /**
    * Save the user's roles.
    *
    * @param \Drupal\Core\Entity\EntityInterface $user
@@ -36,4 +29,15 @@ public function saveRoles(EntityInterface $user);
    */
   public function deleteUserRoles(array $uids);
 
+  /**
+   * Returns role IDs of the provided users.
+   *
+   * @param array $uids
+   *   User ID's for which roles should be returned.
+   *
+   * @return array
+   *   An array of role ids per user, keyed by the user id.
+   */
+  public function getUserRoles(array $uids);
+
 }
diff --git a/core/modules/user/user.admin.inc b/core/modules/user/user.admin.inc
index 9361864..341b6ea 100644
--- a/core/modules/user/user.admin.inc
+++ b/core/modules/user/user.admin.inc
@@ -28,22 +28,24 @@ function user_admin_account() {
     ->extend('Drupal\Core\Database\Query\PagerSelectExtender')
     ->extend('Drupal\Core\Database\Query\TableSortExtender');
   $query
-    ->fields('u', array('uid', 'name', 'status', 'created', 'access'))
+    ->fields('u', array('uid'))
     ->limit(50)
     ->orderByHeader($header)
     ->setCountQuery($count_query);
-  $result = $query->execute();
+  $uids = $query
+    ->execute()
+    ->fetchCol();
 
   $destination = drupal_get_destination();
   $status = array(t('blocked'), t('active'));
   $roles = array_map('check_plain', user_role_names(TRUE));
-  $accounts = array();
-  foreach ($result as $account) {
-    $account = user_load($account->uid);
+  foreach (user_load_multiple($uids) as $account) {
     $users_roles = array();
-    $roles_result = db_query('SELECT rid FROM {users_roles} WHERE uid = :uid', array(':uid' => $account->uid));
-    foreach ($roles_result as $user_role) {
-      $users_roles[] = $roles[$user_role->rid];
+    foreach ($account->getRoles() as $rid) {
+      // Skip the authenticated user role.
+      if ($rid != DRUPAL_AUTHENTICATED_RID) {
+        $users_roles[] = $roles[$rid];
+      }
     }
     asort($users_roles);
     $username = array(
diff --git a/core/profiles/standard/standard.install b/core/profiles/standard/standard.install
index 5c29f4d..2057131 100644
--- a/core/profiles/standard/standard.install
+++ b/core/profiles/standard/standard.install
@@ -45,9 +45,9 @@ function standard_install() {
   $user_settings->set('admin_role', 'administrator')->save();
 
   // Assign user 1 the "administrator" role.
-  db_insert('users_roles')
-    ->fields(array('uid' => 1, 'rid' => 'administrator'))
-    ->execute();
+  $user = user_load(1);
+  $user->addRole('administrator');
+  $user->save();
 
   // Create a Home link in the main menu.
   $menu_link = entity_create('menu_link', array(