Go to main content

man pages section 8: System Administration Commands

Exit Print View

Updated: Wednesday, July 27, 2022



groupadd - add (create) a new group definition on the system


/usr/sbin/groupadd [-g gid [-o]] [-S repository]
     [-U user1[,user2..] ] group


The groupadd command creates a new group definition on the system by adding the appropriate entry to the group database in the files and ldap repositories.

An administrator must be granted the User Management rights profile or have solaris.group.manage authorization to be able to add a group. Once the group is successfully added, the administrator is granted the authorization to modify and delete the group. See groupmod(8) and groupdel(8). The authorizations required to assign groups and projects can be found in group(5) and project(5).


The following options are supported:

–g gid

Assigns the group id gid for the new group. This group id must be a non-negative decimal integer below MAXUID as defined in /usr/include/sys/param.h. The group ID defaults to the next available (unique) number above the highest number currently assigned. For example, if groups 100, 105, and 200 are assigned as groups, the next default group number is 201. (Group IDs from 0 99 are reserved by Oracle Solaris for future applications.)


Allows the gid to be duplicated (non-unique). An administrator must have solaris.group.assign authorization to use this option.

–S repository

The repository specifies which name service will be updated. The valid repositories are files and ldap. The default repository is files. When the repository is files, the user names can be present in other name service repositories and can be assigned to a group in the files repository. When the repository is ldap, all the assignable attributes must be present in the ldap repository, and both the LDAP server and client must be configured with enableShadowUpdate. See ldapclient(8) for details.

–U user1[,user2]

Adds a list of users user1, user2 to the group.


The following operands are supported:


A string consisting of characters from the set of ASCII lowercase alphabetic characters and numeric characters. A warning message is written if the string exceeds MAXGLEN-1, which is 32 characters in Oracle Solaris 11.4. The group field must contain at least one character; it accepts lowercase or numeric characters or a combination of both, and must not contain a colon (:) or NEWLINE.

Exit Status

The following exit values are returned:


Successful completion.


Invalid command syntax. A usage message for the groupadd command is displayed.


An invalid argument was provided to an option.


The gid is not unique (when –o option is not used).


The group is not unique.


The group database cannot be updated.


  • /etc/group

  • /usr/include/userdefs.h


See attributes(7) for descriptions of the following attributes:


See Also

group(5), attributes(7), groupdel(8), groupmod(8), grpck(8), logins(8), pwck(8), useradd(8), userdel(8), usermod(8)

Managing User Accounts and User Environments in Oracle Solaris 11.4

Working With Oracle Solaris 11.4 Directory and Naming Services: LDAP


groupadd adds a group definition to the system. If a network name service is being used to supplement the local /etc/group file with additional entries, groupadd verifies the uniqueness of a specified group name and group ID against the external name service and uses the entries in the files repository. The group name should be restricted to the Portable Filename Characters: A-Z, a-z, 0-9, '_', '-', and '.'.

If the number of characters in a group entry exceeds 2047, group maintenance commands, such as groupdel(8) and groupmod(8), fail.