diff --git a/README.md b/README.md
index ff4a86b..4c2bf21 100644
--- a/README.md
+++ b/README.md
@@ -38,6 +38,7 @@ The Option of these directory-variables are the following.
 | ``pubkeys`` | string or lookup | - | see examples |
 | ``exklusive_pubkeys`` | ``true`` | - | delete all undefined ssh keys |
 | ``password`` | password hash | - | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) |
+| ``groups`` | list | - | Additional groups for your user |
 | ``remove`` | ``false`` | - | completly remove user if ``state: absent`` |
 
 ### Other variables
diff --git a/roles/admin/README.md b/roles/admin/README.md
index b294772..462b140 100644
--- a/roles/admin/README.md
+++ b/roles/admin/README.md
@@ -29,6 +29,7 @@ The Option of these directory-variables are the following.
 | ``pubkeys`` | string or lookup | - | see examples |
 | ``exklusive_pubkeys`` | ``true`` | - | delete all undefined ssh keys |
 | ``password`` | password hash | - | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) |
+| ``groups`` | list | - | Additional groups for your user |
 | ``remove`` | ``false`` | - | completly remove user if ``state: absent`` |
 
 ### Other
diff --git a/roles/sshd/README.md b/roles/sshd/README.md
index 88b8573..26d93f1 100644
--- a/roles/sshd/README.md
+++ b/roles/sshd/README.md
@@ -27,6 +27,7 @@ The Option of these directory-variables are the following.
 | ``pubkeys`` | string or lookup | - | see examples |
 | ``exklusive_pubkeys`` | ``true`` | - | delete all undefined ssh keys |
 | ``password`` | password hash | - | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) |
+| ``groups`` | list | - | Additional groups for your user |
 | ``remove`` | ``false`` | - | completly remove user if ``state: absent`` |
 
 There is a third directory-variable called ``l3d_users__ssh_login: []`` which only support ``name`` and ``state`` for users, that sould be able to login on that system.
diff --git a/roles/user/README.md b/roles/user/README.md
index 10a7411..6734375 100644
--- a/roles/user/README.md
+++ b/roles/user/README.md
@@ -28,6 +28,7 @@ The Option of these directory-variables are the following.
 | ``pubkeys`` | string or lookup | - | see examples |
 | ``exklusive_pubkeys`` | ``true`` | - | delete all undefined ssh keys |
 | ``password`` | password hash | - | See [official FAQ](https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module) |
+| ``groups`` | list | - | Additional groups for your user |
 | ``remove`` | ``false`` | - | completly remove user if ``state: absent`` |
 
 ### Other Variables
diff --git a/roles/user/defaults/main.yml b/roles/user/defaults/main.yml
index f7f3d72..2022b5e 100644
--- a/roles/user/defaults/main.yml
+++ b/roles/user/defaults/main.yml
@@ -15,6 +15,7 @@ l3d_users__default_users: []
 #    admin_commands: 'ALL'
 #    admin_nopassword: false
 #    admin_ansible_login: true
+#    groups: ['admin', 'foo', 'bar']
 #  - name: 'bob'
 #    state: 'present'
 #    shell: '/bin/zsh'
diff --git a/roles/user/tasks/users.yml b/roles/user/tasks/users.yml
index de16f15..b682cfd 100644
--- a/roles/user/tasks/users.yml
+++ b/roles/user/tasks/users.yml
@@ -15,6 +15,7 @@
   ansible.builtin.user:
     name: "{{ user.name }}"
     group: "{{ user.name }}"
+    groups: "{{ user.groups | default() }}"
     state: 'present'
     create_home: "{{ user.create_home | default(true) }}"
     comment: "User created by ansible"
diff --git a/roles/user/vars/main.yml b/roles/user/vars/main.yml
index 954fcd2..476ca0b 100644
--- a/roles/user/vars/main.yml
+++ b/roles/user/vars/main.yml
@@ -1,3 +1,3 @@
 ---
-playbook_version_number: 8
+playbook_version_number: 9
 playbook_version_path: 'l3d.users.user.version'