I just tried with no problem.
I would be curious to know how you did exactly.
I just created a new user, add him to the Administrator role and he has the Admin privileges (he has the link to "create user" for example.
(in the management portlet, Admin corresponds to the Administrator role, this should be fixed. I'm opening a Jira issue for that, as well as another bug i found)
hmmmm...tried it out this morning and both portlets were accessible without having made any (further) changes to the security. Must be a caching issue???