diff --git a/NEWS b/NEWS
index 24a71db8c2652ac8562b55144018d423f6972774_TkVXUw==..7324a07438eeee1bce6953ff1e8e2e69b44b3194_TkVXUw== 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,8 @@
+next
+====
+
+* admin can have a password on top of saml connection.
+
 next
 ====
 
diff --git a/model/res_users.py b/model/res_users.py
index 24a71db8c2652ac8562b55144018d423f6972774_bW9kZWwvcmVzX3VzZXJzLnB5..7324a07438eeee1bce6953ff1e8e2e69b44b3194_bW9kZWwvcmVzX3VzZXJzLnB5 100644
--- a/model/res_users.py
+++ b/model/res_users.py
@@ -28,7 +28,7 @@
         password.
         """
 
-        if self._allow_saml_uid_and_internal_password(cr, context):
+        if self._allow_saml_uid_and_internal_password(cr, uid, context):
             # The constraint is a no-op in this case.
             return True
 
@@ -212,7 +212,9 @@
             cr, uid, ids, vals, context=context
         )
 
-    def _allow_saml_uid_and_internal_password(self, cr, context):
+    def _allow_saml_uid_and_internal_password(self, cr, uid, context):
+        if uid == SUPERUSER_ID:
+            return true
         setting_obj = self.pool['base.config.settings']
         return setting_obj.allow_saml_uid_and_internal_password(
             cr, context=context