diff --git a/pym/unix/unix.py b/pym/unix/unix.py
index e7b5be5..afe63eb 100644
--- a/pym/unix/unix.py
+++ b/pym/unix/unix.py
@@ -558,7 +558,7 @@ class Unix(Ldap):
         return True
 
     def modify_user(self, login, pw, pw_delete, gid, shell, visible, lock,
-                    comment,homedir):
+                    comment, homedir):
         """"
         Изменить параметры пользователя в LDAP
         """
@@ -759,10 +759,22 @@ class Unix(Ldap):
             'ur_unix_group_users'
         ]
 
+        def get_primary_users(gid):
+            ldap_connect = self.clVars.Get('ldap.cl_ldap_connect')
+            users_dn = self.clVars.Get('ld_unix_users_dn')
+            uu = UnixUsers(ldap_connect, users_dn)
+            for user in sorted(uu.iterate_ldap_user("gidNumber=%d" % gid),
+                               key=lambda x: x.username):
+                yield "<%s>" % user.username
+
         self.clVars.Set('ur_unix_group_name', groupname, True)
+        gid = self.clVars.GetInteger('ur_unix_group_id')
         for varname in fields:
             varval = self.clVars.Get(varname)
             varobj = self.clVars.getInfo(varname)
+            if varname == 'ur_unix_group_users':
+                varval = (sorted(get_primary_users(gid))
+                          + sorted(varval))
             if "list" in varobj.type:
                 varval = "\n".join(varval)
 
diff --git a/pym/unix/variables/groups.py b/pym/unix/variables/groups.py
index c9f1f01..0558dd5 100644
--- a/pym/unix/variables/groups.py
+++ b/pym/unix/variables/groups.py
@@ -21,6 +21,7 @@ from calculate.ldap.variables.helpers import (LdapSearchHelper, LdapMaxHelper)
 from calculate.unix.variables.helpers import (UnixUserHelper, UnixGroupHelper,
                                               UnixActionHelper)
 from .action import Actions
+import re
 
 _ = lambda x: x
 from calculate.lib.cl_lang import (setLocalTranslate, getLazyLocalTranslate)
@@ -53,6 +54,8 @@ class VariableUrUnixGroupName(LdapSearchHelper, UnixActionHelper, Variable):
     def check(self, value):
         if not value:
             raise VariableError(_("You should specify group name"))
+        if not re.match("^[a-zA-Z_]([a-zA-Z0-9_ -]*[a-zA-Z0-9_-])?$", value):
+            raise VariableError(_("Wrong group name"))
         if self.check_name(value):
             raise VariableError(_("Group name already exists"))
 
@@ -117,12 +120,16 @@ class VariableUrUnixGroupNameExists(UnixUserHelper, UnixGroupHelper, Variable):
             raise VariableError(_("Choice group"))
         raise VariableError(_("Group %s not found") % value)
 
+class VariableClUnixGroupCommentDefault(Variable):
+    """
+    Комментарий для новой группы по умолчанию
+    """
+    value_format = "{ldap.ld_base_root.capitalize()} group"
 
 class VariableUrUnixGroupComment(UnixGroupHelper, UnixActionHelper, Variable):
     """
     Комментарий к группе
     """
-    value_format = "{ldap.ld_base_root.capitalize()} group"
     opt = ('-c', '--comment')
     metavalue = "COMMENT"
 
@@ -131,7 +138,7 @@ class VariableUrUnixGroupComment(UnixGroupHelper, UnixActionHelper, Variable):
         self.help = _("set comment of the group")
 
     def get_new(self):
-        return self._value_formatter.format(self.value_format, self.Get)
+        return self.Get('unix.cl_unix_group_comment_default')
 
     def get_exists(self):
         return self.Get('ur_unix_group_comment_exists')
@@ -415,10 +422,10 @@ class VariableClUnixGroupAliases(ReadonlyVariable):
     Алиасы для переменных
     """
     type = "table"
-    value = [#('name', 'ur_unix_group_name'),
-             ('id', 'ur_unix_group_id'),
-             ('comment', 'ur_unix_group_comment'),
-             ('users', 'ur_unix_group_users')]
+    value = [  # ('name', 'ur_unix_group_name'),
+               ('id', 'ur_unix_group_id'),
+               ('comment', 'ur_unix_group_comment'),
+               ('users', 'ur_unix_group_users')]
 
 
 class VariableClUnixGroupFields(Variable):
@@ -468,11 +475,9 @@ class VariableUrUnixGroupShow(UnixGroupHelper,
         self.help = _("show group")
 
     def choice_exists(self):
-        return [("","")] + self.ldap_group_list()
+        return [("", "")] + self.ldap_group_list()
 
     def check_exists(self, value):
         if value:
             if not self.search_ldap_group_name(value):
                 raise VariableError(_("%s group not found") % value)
-
-
diff --git a/pym/unix/variables/users.py b/pym/unix/variables/users.py
index 79430a2..35fbc5a 100644
--- a/pym/unix/variables/users.py
+++ b/pym/unix/variables/users.py
@@ -26,6 +26,7 @@ from calculate.unix.variables.helpers import (UnixUserHelper, UnixGroupHelper,
                                               ShowFieldsHelper,
                                               FieldsHelper, UnixActionHelper)
 from .action import Actions
+import re
 
 _ = lambda x: x
 from calculate.lib.cl_lang import (setLocalTranslate, getLazyLocalTranslate)
@@ -55,6 +56,8 @@ class VariableUrUnixLogin(UnixUserHelper, UnixActionHelper, Variable):
     def check_new(self, value):
         if not value:
             raise VariableError(_("You should specify login"))
+        if not re.match("^[a-zA-Z_]([a-zA-Z0-9_ -]*[a-zA-Z0-9_-])?$", value):
+            raise VariableError(_("Wrong user login"))
         if self.search_ldap_user_name(value):
             raise VariableError(_("User %s already exists" % value))
         if self.search_system_user_name(value):