diff --git a/src/domain/sql_opaque_handler.rs b/src/domain/sql_opaque_handler.rs
index 998475f..d5d23ca 100644
--- a/src/domain/sql_opaque_handler.rs
+++ b/src/domain/sql_opaque_handler.rs
@@ -213,6 +213,34 @@ impl OpaqueHandler for SqlOpaqueHandler {
     }
 }
 
+/// Convenience function to set a user's password.
+pub(crate) async fn register_password(
+    opaque_handler: &SqlOpaqueHandler,
+    username: &str,
+    password: &str,
+) -> Result<()> {
+    let mut rng = rand::rngs::OsRng;
+    use registration::*;
+    let registration_start = opaque::client::registration::start_registration(password, &mut rng)?;
+    let start_response = opaque_handler
+        .registration_start(ClientRegistrationStartRequest {
+            username: username.to_string(),
+            registration_start_request: registration_start.message,
+        })
+        .await?;
+    let registration_finish = opaque::client::registration::finish_registration(
+        registration_start.state,
+        start_response.registration_response,
+        &mut rng,
+    )?;
+    opaque_handler
+        .registration_finish(ClientRegistrationFinishRequest {
+            server_data: start_response.server_data,
+            registration_upload: registration_finish.message,
+        })
+        .await
+}
+
 #[cfg(test)]
 mod tests {
     use super::*;
@@ -279,34 +307,6 @@ mod tests {
         Ok(())
     }
 
-    async fn attempt_registration(
-        opaque_handler: &SqlOpaqueHandler,
-        username: &str,
-        password: &str,
-    ) -> Result<()> {
-        let mut rng = rand::rngs::OsRng;
-        use registration::*;
-        let registration_start =
-            opaque::client::registration::start_registration(password, &mut rng)?;
-        let start_response = opaque_handler
-            .registration_start(ClientRegistrationStartRequest {
-                username: username.to_string(),
-                registration_start_request: registration_start.message,
-            })
-            .await?;
-        let registration_finish = opaque::client::registration::finish_registration(
-            registration_start.state,
-            start_response.registration_response,
-            &mut rng,
-        )?;
-        opaque_handler
-            .registration_finish(ClientRegistrationFinishRequest {
-                server_data: start_response.server_data,
-                registration_upload: registration_finish.message,
-            })
-            .await
-    }
-
     #[tokio::test]
     async fn test_flow() -> Result<()> {
         let sql_pool = get_initialized_db().await;
@@ -317,7 +317,7 @@ mod tests {
         attempt_login(&opaque_handler, "bob", "bob00")
             .await
             .unwrap_err();
-        attempt_registration(&opaque_handler, "bob", "bob00").await?;
+        register_password(&opaque_handler, "bob", "bob00").await?;
         attempt_login(&opaque_handler, "bob", "wrong_password")
             .await
             .unwrap_err();
diff --git a/src/main.rs b/src/main.rs
index f65ea42..a3f53a5 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -3,7 +3,8 @@
 
 use crate::{
     domain::{
-        handler::BackendHandler, sql_backend_handler::SqlBackendHandler, sql_tables::PoolOptions,
+        handler::BackendHandler, sql_backend_handler::SqlBackendHandler,
+        sql_opaque_handler::register_password, sql_tables::PoolOptions,
     },
     infra::{configuration::Configuration, db_cleaner::Scheduler},
 };
@@ -21,6 +22,7 @@ async fn create_admin_user(handler: &SqlBackendHandler, config: &Configuration)
             user_id: config.ldap_user_dn.clone(),
             ..Default::default()
         })
+        .and_then(|_| register_password(handler, &config.ldap_user_dn, &config.ldap_user_pass))
         .await
         .map_err(|e| anyhow!("Error creating admin user: {}", e))?;
     let admin_group_id = handler