diff --git a/addUser.php b/addUser.php
index 1809544..6b3b9d6 100644
--- a/addUser.php
+++ b/addUser.php
@@ -5,9 +5,11 @@
 require_once(BASE_PATH . 'helpers.inc.php');
 require_once(BASE_PATH . 'classes/user.inc.php');
 require_once(BASE_PATH . 'classes/group.inc.php');
+require_once(BASE_PATH . 'classes/metagroup.inc.php');
 session_start();
 $ldapconn = ldap_bind_session();
+$metagroups = Metagroup::readMetagroups($ldapconn);
 $groupOus = GroupOu::readGroupOus($ldapconn);
 ldap_close($ldapconn);
@@ -102,7 +104,8 @@ + group-data="adduser.groupEditServ.groupData" + metagroup-data="adduser.groupEditServ.metagroupData"> +
diff --git a/ajax/addUserGroup.json.php b/ajax/addUserGroup.json.php
index cb44692..b763678 100644
--- a/ajax/addUserGroup.json.php
+++ b/ajax/addUserGroup.json.php
@@ -4,6 +4,7 @@
 require_once(BASE_PATH . 'ldap.inc.php');
 require_once(BASE_PATH . 'classes/user.inc.php');
 require_once(BASE_PATH . 'classes/group.inc.php');
+require_once(BASE_PATH . 'classes/metagroup.inc.php');
 session_start();
 $postdata = file_get_contents("php://input");
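Review bot: `Metagroup::readMetagroups($ldapconn)` is called unconditionally in addUser.php (and again in gruppen.php), while config.inc.php.template in this same commit documents `define('METAGROUP_DN', false);` as the way to disable metagroups. The opening of readMetagroups() is not legible on this page, so it should be confirmed that it returns an empty array without querying the directory when the constant is false. If it does not, guard the call site, e.g. `$metagroups = METAGROUP_DN ? Metagroup::readMetagroups($ldapconn) : array();`.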
@@ -19,21 +20,46 @@
 http_response_code(400);
 die("Missing parameter: groupdn");
 }
-$groupdn = $request['groupdn'];
+$r_groupdn = $request['groupdn'];
+
+if (!isset($request['isMetagroup'])) {
+ http_response_code(400);
+ die("Missing parameter: isMetagroup");
+}
+$isMetagroup = $request['isMetagroup'];
-// read group from LDAP
 $ldapconn = ldap_bind_session();
-$group = Group::loadGroup($ldapconn, $groupdn);
+$user = User::readUser($ldapconn, $userdn);
+
+$groupDns = null;
+if ($isMetagroup) {
+ $metagroup = Metagroup::loadMetagroup($ldapconn, $r_groupdn);
+ $groupDns = $metagroup->members;
+} else {
+ $groupDns = array($r_groupdn);
+}
 $retval = array();
+foreach ($groupDns as $groupDn) {
+ if (in_array($groupDn, $user->group_dns)) {
+ // user is in this group already
+ continue;
+ }
+ $group = Group::loadGroup($ldapconn, $groupDn);
+ if ($group->addUser($userdn) !== true) {
+ http_response_code(500);
+ $retval["detail"] = ldap_error($ldapconn);
+ $retval["message"] = "Could not write change to LDAP directory";
+ break;
+ }
+}
-if ($group->addUser($userdn) === true) {
- // success
+if (empty($retval)) {
+ // no problems occured
 http_response_code(200);
-} else {
- http_response_code(500);
- $retval["detail"] = ldap_error($ldapconn);
- $retval["message"] = "Could not write change to LDAP directory";
+ $user = User::readUser($ldapconn, $userdn);
+ $user->loadGroupInformation();
+ $retval["user"] = $user;
 }
 ldap_close($ldapconn);
diff --git a/ajax/changeUserDetail.json.php b/ajax/changeUserDetail.json.php
index d0dddf7..2faf93f 100644
--- a/ajax/changeUserDetail.json.php
+++ b/ajax/changeUserDetail.json.php
@@ -31,7 +31,6 @@
 $retval = array();
-// check which field should be changed
 if ($user->changeField($field, $newValue) === true) {
 // success
 http_response_code(200);
diff --git a/classes/group.inc.php b/classes/group.inc.php
index 9487948..e0d686a 100644
--- a/classes/group.inc.php
+++ b/classes/group.inc.php
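Review bot: In ajax/addUserGroup.json.php the result of `Metagroup::loadMetagroup($ldapconn, $r_groupdn)` is dereferenced without a check, yet loadMetagroup() (added in classes/metagroup.inc.php by this commit) returns nothing when the DN matches no metagroup entry, so a request carrying an unknown `groupdn` with a truthy `isMetagroup` ends in a PHP error instead of a clean 4xx. The same gap exists for `Group::loadGroup()` inside the loop when a metagroup lists a member DN that cannot be loaded; loadGroup's failure value is not visible here, so the check below is written loosely. `isMetagroup` is only tested with isset(), so any truthy JSON value (including the string "false") selects the metagroup branch; if clients always send a JSON boolean, `$request['isMetagroup'] === true` would be stricter. A failure part-way through the loop also leaves the earlier groups written while the response is a 500 without the refreshed user, so the caller cannot tell which memberships were applied.

```php
if ($isMetagroup) {
    $metagroup = Metagroup::loadMetagroup($ldapconn, $r_groupdn);
    if (!$metagroup) {
        // no metagroup entry at this DN: reject instead of dereferencing null
        ldap_close($ldapconn);
        http_response_code(404);
        die("Unknown metagroup");
    }
    $groupDns = $metagroup->members;
} else {
// … unchanged: single-group branch …
foreach ($groupDns as $groupDn) {
    // … unchanged: skip groups the user is already in …
    $group = Group::loadGroup($ldapconn, $groupDn);
    if (!$group || $group->addUser($userdn) !== true) {
        // … unchanged: 500 response and break …
```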
@@ -48,7 +48,6 @@ private static function readFromLdapEntry($ldapconn, $entry) {
 if (isset($att['cn']) && $att['cn']['count'] == 1) {
 $newGroup->cn = $att['cn'][0];
 }
- $vals = ldap_get_values($ldapconn, $entry, "description");
 if (isset($att['description']) && $att['description']['count'] == 1) {
 $newGroup->description = $att['description'][0];
 }
diff --git a/classes/metagroup.inc.php b/classes/metagroup.inc.php
new file mode 100644
index 0000000..35747d2
--- /dev/null
+++ b/classes/metagroup.inc.php
@@ -0,0 +1,72 @@
+ 0) {
+ $entry = ldap_first_entry($ldapconn, $search);
+ do {
+ $metagroups[] = Metagroup::readFromLdapEntry($ldapconn, $entry);
+ } while ($entry = ldap_next_entry($ldapconn, $entry));
+ }
+ return $metagroups;
+ }
+
+
+
+ public static function loadMetagroup($ldapconn, $dn) {
+ $search = ldap_read($ldapconn, $dn, Metagroup::FILTER_METAGROUPS,
+ array("cn", "description", "member"));
+ if (ldap_count_entries($ldapconn, $search) > 0) {
+ $entry = ldap_first_entry($ldapconn, $search);
+
+ return Metagroup::readFromLdapEntry($ldapconn, $entry);
+ }
+ }
+
+
+
+ private static function readFromLdapEntry($ldapconn, $entry) {
+ $newMetagroup = new Metagroup();
+ $newMetagroup->dn = ldap_get_dn($ldapconn, $entry);
+
+ $att = ldap_get_attributes($ldapconn, $entry);
+ if (isset($att['cn']) && $att['cn']['count'] == 1) {
+ $newMetagroup->cn = $att['cn'][0];
+ }
+ if (isset($att['description']) && $att['description']['count'] == 1) {
+ $newMetagroup->description = $att['description'][0];
+ }
+ if (isset($att['member'])) {
+ $newMetagroup->members = [];
+ for($i = 0; $i < $att['member']['count']; $i++) {
+ $dn = $att['member'][$i];
+ $newMetagroup->members[] = $dn;
+ }
+ } else {
+ $newMetagroup->members = [];
+ }
+
+ $newMetagroup->ldapconn = $ldapconn;
+ return $newMetagroup;
+ }
+}
+
+?>
diff --git a/classes/user.inc.php b/classes/user.inc.php
index 193d92a..3994c82 100644
--- a/classes/user.inc.php
+++ b/classes/user.inc.php
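Review bot: In classes/metagroup.inc.php, `loadMetagroup()` hands the result of `ldap_read()` straight to `ldap_count_entries()`; ldap_read() returns false when the read fails (for example when the DN does not exist), which raises a TypeError on PHP 8 and a warning on older versions instead of yielding a "not found" result. Add `if ($search === false) { return null; }` after the read and an explicit `return null;` at the end of the function, so the not-found case is deliberate rather than an implicit fall-through. The `$dn` argument arrives from the request body in ajax/addUserGroup.json.php, so this path is reachable with arbitrary input. The opening of the file, including the search call in readMetagroups(), is not legible on this page and should get the same check.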
@@ -10,7 +10,7 @@ class User {
 var $displayName;
 var $sn;
 var $givenName;
- private $group_dns;
+ var $group_dns;
 var $groups = null;
 private $ldapconn;
diff --git a/config.inc.php.template b/config.inc.php.template
index 6565213..ed6f28b 100644
--- a/config.inc.php.template
+++ b/config.inc.php.template
@@ -9,8 +9,11 @@ define('BASE_IMPRESSUM_LINK', 'http://www.example.com/site.html');
 define('LDAP_SERVER', 'ldaps://example.com/');
 define('BASE_DN', 'dc=example,dc=com');
 define('GROUP_DN', 'ou=Groups,' . BASE_DN);
+define('METAGROUP_DN', 'ou=Metagroups,' . BASE_DN);
+// or to disable metagroups:
+// define('METAGROUP_DN', false);
 define('USER_DN', 'ou=People,' . BASE_DN);
-define('DUMMY_USER_DN', 'cn=dummy,dc=example,dc=com');
+define('DUMMY_USER_DN', 'cn=dummy,' . BASE_DN);
 // LDAP objectclass assigned to new users
 define('OBJECTCLASS', 'inetOrgPerson');
diff --git a/gruppen.php b/gruppen.php
index aef30e1..891146a 100644
--- a/gruppen.php
+++ b/gruppen.php
@@ -4,9 +4,11 @@
 require_once(BASE_PATH . 'ldap.inc.php');
 require_once(BASE_PATH . 'helpers.inc.php');
 require_once(BASE_PATH . 'classes/group.inc.php');
+require_once(BASE_PATH . 'classes/metagroup.inc.php');
 session_start();
 $ldapconn = ldap_bind_session();
+$metagroups = Metagroup::readMetagroups($ldapconn);
 $ous = GroupOu::readGroupOus($ldapconn);
 foreach ($ous as $ou) {
@@ -27,6 +29,34 @@
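Review bot: Changing `$group_dns` from `private` to `var` (public) in classes/user.inc.php widens the class surface only so that ajax/addUserGroup.json.php can run `in_array($groupDn, $user->group_dns)`. A public property is also included wherever a User object is serialised for output, which this commit starts doing with `$retval["user"] = $user` (assuming the response is JSON-encoded, which is not shown on this page). Keeping the property private and adding an accessor such as `public function isMemberOf($groupDn) { return in_array($groupDn, $this->group_dns, true); }` would avoid both effects. The rest of class User lies outside this hunk.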

Gruppen anzeigen

+
+
+

Metagroups

+
+
+
    +
  • +
    + {{metagroup.cn}} + + ({{metagroup.dn}}) + +
    +

    + {{metagroup.description}} +

    +
      +
    • + {{group}} +
    • +
    +
  • +
+
+
+ diff --git a/js/angular-app.js b/js/angular-app.js index f497211..d676204 100644 --- a/js/angular-app.js +++ b/js/angular-app.js @@ -73,15 +73,9 @@ {params: {dn: user.dn}}) .then(function onSuccess(response) { data = response.data; - user.groups = data.groups; - user.sn = data.sn; - user.givenName = data.givenName; + updateUserDetails(user, data); user.detailsLoaded = true; user.loading = false; - user.groupDns = {}; - user.groups.map(function(item) { - user.groupDns[item.dn] = item; - }); }); }; @@ -197,6 +191,7 @@ templateUrl: 'templates/groupAddList.html', scope: { groupData: '=groupData', + metagroupData: '=metagroupData' }, link: function(scope, elemet, attrs) { scope.editUserService = editUserService; @@ -211,25 +206,32 @@ alerts = alertsService; var serv = {}; + var jsonMetagroupEl = document.getElementById('jsonMetagroups'); + if (jsonMetagroupEl) { + serv.metagroupData = JSON.parse(jsonMetagroupEl.textContent); + } var jsonGroupEl = document.getElementById('jsonGroups'); if (jsonGroupEl) { serv.groupData = JSON.parse(jsonGroupEl.textContent); } - serv.addGroupToUser = function(user, group, groupAdding) { + serv.addGroupToUser = function(user, group, isMetagroup, groupAdding) { + var messageString = isMetagroup ? 'Metagruppe' : 'Gruppe'; groupAdding[user.dn] = true; - angular.element('#groupAddModal').modal('hide'); + //angular.element('#groupAddModal').modal('hide'); // TODO: duplicated $http.post('ajax/addUserGroup.json.php', {'userdn': user.dn, - 'groupdn': group.dn}) + 'groupdn': group.dn, + 'isMetagroup': isMetagroup}) .then(function(response) { // success - user.groups.push(group); - user.groupDns[group.dn] = group; + if (response.data.user) { + updateUserDetails(user, response.data.user); + } groupAdding[user.dn] = false; alerts.push( {type: 'success', - msg: 'Benutzer ' + user.cn + ' zu Gruppe ' + msg: 'Benutzer ' + user.cn + ' zu ' + messageString + ' ' + group.cn + ' hinzugefügt', dismiss: 5000}); }, function(response) { 
@@ -237,7 +239,8 @@ groupAdding[user.dn] = false; alerts.push( {type: 'danger', - msg: 'Konnte Benutzer ' + user.cn + ' nicht zu Gruppe ' + msg: 'Konnte Benutzer ' + user.cn + ' nicht zu ' + + messageString + ' ' + group.cn + ' hinzufügen: ' + response.data.detail}); }); }; @@ -341,8 +344,8 @@ return userAddGroup.groupDns.hasOwnProperty(group.dn); }; - serv.addGroupToUser = function(group) { - groupEditService.addGroupToUser(userAddGroup, group, groupAdding); + serv.addGroupToUser = function(group, isMetagroup) { + groupEditService.addGroupToUser(userAddGroup, group, isMetagroup, groupAdding); angular.element('#groupAddModal').modal('hide'); }; @@ -374,7 +377,8 @@ restrict: 'E', templateUrl: 'templates/groupAddModal.html', scope: { - groupData: '=groupData' + groupData: '=groupData', + metagroupData: '=metagroupData' } }; }); @@ -382,6 +386,8 @@ useradminApp.controller('GrouplistController', function() { + this.metagroupData = JSON.parse( + document.getElementById('jsonMetagroups').textContent); this.groupData = JSON.parse( document.getElementById('jsonGroupOus').textContent); }); @@ -681,3 +687,15 @@ }; }); })(); + + + +function updateUserDetails(user, data) { + user.groups = data.groups; + user.sn = data.sn; + user.givenName = data.givenName; + user.groupDns = {}; + user.groups.map(function(item) { + user.groupDns[item.dn] = item; + }); +} diff --git a/templates/groupAddList.html b/templates/groupAddList.html index b549107..4cf0929 100644 --- a/templates/groupAddList.html +++ b/templates/groupAddList.html @@ -1,4 +1,33 @@
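Review bot: In GrouplistController (js/angular-app.js), `document.getElementById('jsonMetagroups').textContent` is read without a null check, so the controller throws before `groupData` is assigned on any page that does not render the jsonMetagroups element, for instance if the element is omitted when metagroups are disabled through `METAGROUP_DN`. The group edit service earlier in this file guards the same lookup with `if (jsonMetagroupEl)`; the controller should do likewise, e.g. `var el = document.getElementById('jsonMetagroups'); this.metagroupData = el ? JSON.parse(el.textContent) : [];`.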
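Review bot: `updateUserDetails` is declared after the closing `})();` at the end of js/angular-app.js, which makes it a global function rather than a private helper of the module, so any other script on the page can call or overwrite it. Moving the declaration inside the IIFE keeps it private to the app. Inside it, `user.groups.map(...)` is used only for its side effect, so `user.groups.forEach(function(item) { user.groupDns[item.dn] = item; });` states the intent; it also assumes `data.groups` is always an array, which depends on the server response built in ajax/addUserGroup.json.php.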
+
+
+

Metagroups

+
+
+
    +
  • +
    + {{metagroup.cn}} + + ({{metagroup.dn}}) + +
    +

    + {{metagroup.description}} +

    +
      +
    • + {{group}} +
    • +
    +
  • +
+
+
  • + ng-click="editUserService.addGroupToUser(group, false)">
    {{group.cn}} diff --git a/templates/groupAddModal.html b/templates/groupAddModal.html index 6bcb32f..a42607f 100644 --- a/templates/groupAddModal.html +++ b/templates/groupAddModal.html @@ -9,7 +9,8 @@
  • +