diff --git a/enferno/commands.py b/enferno/commands.py
index 5674640ba..4b4963b39 100644
--- a/enferno/commands.py
+++ b/enferno/commands.py
@@ -141,7 +141,19 @@ def install() -> None:
             break
         except ValueError as e:
             click.echo(str(e))
-    user = User(username=u, password=hash_password(p), active=1)
+    user = User(
+        username=u,
+        password=hash_password(p),
+        active=1,
+        view_usernames=True,
+        view_simple_history=True,
+        view_full_history=True,
+        can_self_assign=True,
+        can_edit_locations=True,
+        can_export=True,
+        can_import_web=True,
+        can_access_media=True,
+    )
     user.name = "Admin"
     user.roles.append(admin_role)
     check = user.save()
diff --git a/enferno/setup/views.py b/enferno/setup/views.py
index 295dc077c..3cd0f3d3e 100644
--- a/enferno/setup/views.py
+++ b/enferno/setup/views.py
@@ -90,7 +90,20 @@ def create_admin() -> Any:
     if User.query.filter(User.username == username.lower()).first():
         return HTTPResponse.error("Username already exists")
 
-    new_admin = User(username=username, password=hash_password(password), active=1, name="Admin")
+    new_admin = User(
+        username=username,
+        password=hash_password(password),
+        active=1,
+        name="Admin",
+        view_usernames=True,
+        view_simple_history=True,
+        view_full_history=True,
+        can_self_assign=True,
+        can_edit_locations=True,
+        can_export=True,
+        can_import_web=True,
+        can_access_media=True,
+    )
     new_admin.roles.append(admin_role)
 
     db.session.add(new_admin)
diff --git a/tests/test_security.py b/tests/test_security.py
index 458e7ee16..9c3669be1 100644
--- a/tests/test_security.py
+++ b/tests/test_security.py
@@ -144,6 +144,14 @@ def test_create_admin_user(self, uninitialized_app, session_uninitialized):
         assert resp.json["data"]["item"]["username"] == "testAdmin"
         admin = User.query.filter(User.username == "testAdmin").first()
         assert admin is not None
+        assert admin.view_usernames is True
+        assert admin.view_simple_history is True
+        assert admin.view_full_history is True
+        assert admin.can_self_assign is True
+        assert admin.can_edit_locations is True
+        assert admin.can_export is True
+        assert admin.can_import_web is True
+        assert admin.can_access_media is True
 
     @pytest.mark.parametrize(
         "client_fixture, expected",