On the 'Group Members' page we can now add a new user Barry to the group.
![Add user Barry to the group](groups/add_member_to_group.png)
Now because Barry is a 'Developer' member of the 'Open Source' group, he automatically gets 'Developer' access to all projects in the 'Open Source' group.
![Barry has 'Developer' access to GitLab CI](groups/project_members_via_group.png)
If necessary, you can increase the access level of an individual user for a specific project, by adding them as a Member to the project.
![Barry effectively has 'Master' access to GitLab CI now](groups/override_access_level.png)
## Managing group memberships via LDAP
In GitLab Enterprise Edition it is possible to manage GitLab group memberships using LDAP groups.
See [the GitLab Enterprise Edition documentation](http://doc.gitlab.com/ee/integration/ldap.html) for more information.
## Allowing only admins to create groups
By default, any GitLab user can create new groups.
This ability can be disabled for individual users from the admin panel.
It is also possible to configure GitLab so that new users default to not being able to create groups:
```
# For omnibus-gitlab, put the following in /etc/gitlab/gitlab.rb