While setting up permissions for editors and administrators, I realized that it seems impossible, for a member who doesn't have full administration rights, to create groups in the security tab (while he can create and edit roles). The only way i can achieve a group to create groups is to actually check the full admin checkbox. My task requires me to enable some users (being in a group i called "system managers" and having "almost" admin rights) to create groups themselves, while limiting access to other sections of the backend. Is there a way i can achieve my goal?

...hope i explained the issue well enough :)

Hm good point. I had a look through the Roles and Permissions tab you can apply to groups and the only ones security related are "Access to 'Security' section", "Apply roles to groups", "Manage permissions for groups". Have you tried assigning your group those permissions rather than admin. I wonder if one of them triggers the add. If not then I think it would be a good enhancement to have a Create Groups role.

Yep, tried to check everything but no way to create groups if user has not full admin rights :(

Ok then you might want to submit your request as an enhancement ticket on open.silverstripe.org.

OK, submission on its way. Thanks for your help!