diff --git a/labs/scripts/ubuntu/setup_keystone.sh b/labs/scripts/ubuntu/setup_keystone.sh
index 2d00e699..2300e61f 100755
--- a/labs/scripts/ubuntu/setup_keystone.sh
+++ b/labs/scripts/ubuntu/setup_keystone.sh
@@ -88,9 +88,12 @@ echo "Adding admin tenant."
 keystone tenant-create --name "$ADMIN_TENANT_NAME" --description "Admin Tenant"
 
 echo "Creating admin user."
-keystone user-create --name "$ADMIN_USER_NAME" --pass "$ADMIN_PASSWORD" --email "admin@$MAIL_DOMAIN"
+keystone user-create \
+    --name "$ADMIN_USER_NAME" \
+    --pass "$ADMIN_PASSWORD" \
+    --email "admin@$MAIL_DOMAIN"
 
-echo "Creating admin roles."
+echo "Creating admin role."
 keystone role-create --name "$ADMIN_ROLE_NAME"
 
 echo "Linking admin user, admin role and admin tenant."
@@ -99,23 +102,17 @@ keystone user-role-add \
     --tenant "$ADMIN_TENANT_NAME" \
     --role "$ADMIN_ROLE_NAME"
 
-echo "Linking admin user, _member_ role, and admin tenant."
-keystone user-role-add \
-    --tenant "$ADMIN_TENANT_NAME" \
-    --user "$ADMIN_USER_NAME" \
-    --role "$MEMBER_ROLE_NAME"
-
 echo "Creating demo tenant."
 keystone tenant-create --name "$DEMO_TENANT_NAME" --description "Demo Tenant"
 
 echo "Creating demo user."
-keystone user-create --name "$DEMO_USER_NAME" --pass "$DEMO_PASSWORD" --email "demo@$MAIL_DOMAIN"
-
-echo "Linking the demo user, _member_ role, and demo tenant."
-keystone user-role-add \
+# Using the --tenant option automatically assigns the _member_ role to a user.
+# This option will also create the _member_ role if it does not exist.
+keystone user-create \
+    --name "$DEMO_USER_NAME" \
     --tenant "$DEMO_TENANT_NAME" \
-    --user "$DEMO_USER_NAME" \
-    --role "$MEMBER_ROLE_NAME"
+    --pass "$DEMO_PASSWORD" \
+    --email "demo@$MAIL_DOMAIN"
 
 echo "Adding service tenant."
 keystone tenant-create \