A collection of users who share permissions, notification, and LDAP/Active Directory properties. You can map an access group to an LDAP group, and you can send notifications to a group. You can nest groups. Users inherit the permissions of the groups to which they belong.