diff --git a/src/internal/controller/zitadelcluster_controller.go b/src/internal/controller/zitadelcluster_controller.go
index 5ab9e44..2889229 100644
--- a/src/internal/controller/zitadelcluster_controller.go
+++ b/src/internal/controller/zitadelcluster_controller.go
@@ -585,7 +585,9 @@ func (r *ZitadelClusterReconciler) reconcileInitialHumanUser(ctx context.Context
 		LoginName: strings.ToLower(fmt.Sprintf("%s@%s.%s", admin.AccountName, zitadel.Spec.FirstOrgName, zitadel.Spec.Host)),
 	})
 	if err != nil {
-		return ctrl.Result{}, fmt.Errorf("Error getting admin user: %v", err)
+		if !strings.Contains(err.Error(), "could not be found") {
+			return ctrl.Result{}, fmt.Errorf("Error getting admin user: %v", err)
+		}
 	}
 	var userid string
 	if adminUser.User == nil {
@@ -632,6 +634,17 @@ func (r *ZitadelClusterReconciler) reconcileInitialHumanUser(ctx context.Context
 			return ctrl.Result{}, fmt.Errorf("Error setting password for member: %v", err)
 		}
 	}
+	{
+		if _, err := managementClient.UpdateOrgMember(middleware.SetOrgID(ctx, org.Org.Id), &management.UpdateOrgMemberRequest{
+			UserId: userid,
+			Roles: []string{
+				"ORG_OWNER",
+			},
+		}); err != nil {
+			return ctrl.Result{}, fmt.Errorf("Error adding org member: %v", err)
+		}
+
+	}
 
 	patch := client.MergeFrom(zitadel.DeepCopy())
 	zitadel.Status.InitialAdminId = userid