diff --git a/src/internal/controller/organization_controller.go b/src/internal/controller/organization_controller.go
index 12e7f1e..48b8ed4 100644
--- a/src/internal/controller/organization_controller.go
+++ b/src/internal/controller/organization_controller.go
@@ -153,13 +153,6 @@ func (wr *wrappedOrganizationReconciler) reconcileInitialAdmin(ctx context.Conte
 	if err != nil {
 		return err
 	}
-	var adminClient *admin.Client
-	if zitadelCluster.Spec.FirstOrgName == wr.organization.Name {
-		adminClient, err = zitadelClient.NewAdminClient(ctx, zitadelCluster, *wr.refResolver)
-		if err != nil {
-			return err
-		}
-	}
 
 	adminUser, err := ztdClient.GetUserByLoginNameGlobal(ctx, &pb.GetUserByLoginNameGlobalRequest{
 		LoginName: strings.ToLower(fmt.Sprintf("%s@%s.%s", wr.organization.Spec.OrganizationAdmin.UserName, wr.organization.Name, zitadelCluster.Spec.Host)),
@@ -216,7 +209,11 @@ func (wr *wrappedOrganizationReconciler) reconcileInitialAdmin(ctx context.Conte
 			}
 		}
 
-		if adminClient != nil {
+		if zitadelCluster.Spec.FirstOrgName == wr.organization.Name {
+			adminClient, err := zitadelClient.NewAdminClient(ctx, zitadelCluster, *wr.refResolver)
+			if err != nil {
+				return err
+			}
 			{
 				if _, err := adminClient.AddIAMMember(ctx, &adm.AddIAMMemberRequest{
 					UserId: userid,