diff --git a/jdav_web/members/migrations/0010_create_default_permission_groups.py b/jdav_web/members/migrations/0010_create_default_permission_groups.py
new file mode 100644
index 0000000..08bd392
--- /dev/null
+++ b/jdav_web/members/migrations/0010_create_default_permission_groups.py
@@ -0,0 +1,119 @@
+# Generated by Django 4.0.1 on 2023-04-04 14:23
+
+from django.utils.translation import gettext_lazy as _
+from django.db import migrations
+
+STANDARD_PERMS = [
+    ('members', 'view_member'),
+    ('members', 'view_freizeit'),
+    ('members', 'add_global_freizeit'),
+    ('mailer', 'view_message'),
+    ('mailer', 'add_global_message'),
+    ('finance', 'view_statementunsubmitted'),
+    ('finance', 'add_global_statementunsubmitted'),
+]
+
+FINANCE_PERMS = [
+    ('finance', 'view_bill'),
+    ('finance', 'view_ledger'),
+    ('finance', 'add_ledger'),
+    ('finance', 'change_ledger'),
+    ('finance', 'delete_ledger'),
+    ('finance', 'change_statementsubmitted'),
+    ('finance', 'view_statementsubmitted'),
+    ('finance', 'view_transaction'),
+    ('finance', 'change_transaction'),
+    ('finance', 'add_transaction'),
+    ('finance', 'delete_transaction'),
+    ('finance', 'process_statementsubmitted'),
+    ('members', 'list_global_freizeit'),
+    ('members', 'view_global_freizeit'),
+]
+
+WAITINGLIST_PERMS = [
+    ('members', 'view_memberwaitinglist'),
+    ('members', 'view_global_memberwaitinglist'),
+    ('members', 'list_global_memberwaitinglist'),
+    ('members', 'change_global_memberwaitinglist'),
+    ('members', 'delete_global_memberwaitinglist'),
+]
+
+TRAINING_PERMS = [
+    ('members', 'change_global_member'),
+    ('members', 'list_global_member'),
+    ('members', 'view_global_member'),
+    ('members', 'add_global_membertraining'),
+    ('members', 'change_global_membertraining'),
+    ('members', 'list_global_membertraining'),
+    ('members', 'view_global_membertraining'),
+    ('members', 'view_trainingcategory'),
+    ('members', 'add_trainingcategory'),
+    ('members', 'change_trainingcategory'),
+    ('members', 'delete_trainingcategory'),
+]
+
+REGISTRATION_PERMS = [
+    ('members', 'may_manage_all_registrations'),
+    ('members', 'change_memberunconfirmedproxy'),
+    ('members', 'view_memberunconfirmedproxy'),
+    ('members', 'delete_memberunconfirmedproxy'),
+]
+
+MATERIAL_PERMS = [
+    ('members', 'list_global_member'),
+    ('material', 'view_materialpart'),
+    ('material', 'change_materialpart'),
+    ('material', 'add_materialpart'),
+    ('material', 'delete_materialpart'),
+    ('material', 'view_materialcategory'),
+    ('material', 'change_materialcategory'),
+    ('material', 'add_materialcategory'),
+    ('material', 'delete_materialcategory'),
+    ('material', 'view_ownership'),
+    ('material', 'change_ownership'),
+    ('material', 'add_ownership'),
+    ('material', 'delete_ownership'),
+]
+
+
+def create_group_with_perms(apps, schema_editor, name, perm_names):
+    db_alias = schema_editor.connection.alias
+    Group = apps.get_model("auth", "Group")
+    Permission = apps.get_model("auth", "Permission")
+    if Group.objects.filter(name=name).exists():
+        raise ValueError("A group with name %s already exists." % name)
+    perms = [ Permission.objects.get(codename=codename, content_type__app_label=app_label) for app_label, codename in perm_names ]
+    g = Group.objects.using(db_alias).create(name=name)
+    g.permissions.set(perms)
+    g.save()
+
+
+def try_create_group_with_perms(apps, schema_editor, name, perm_names):
+    Group = apps.get_model("auth", "Group")
+    if not Group.objects.filter(name=name).exists():
+        create_group_with_perms(apps, schema_editor, name, perm_names)
+
+
+def create_default_permission_groups(apps, schema_editor):
+    try_create_group_with_perms(apps, schema_editor, "Standard", STANDARD_PERMS)
+    try_create_group_with_perms(apps, schema_editor, "Finance", FINANCE_PERMS)
+    try_create_group_with_perms(apps, schema_editor, "Waitinglist", WAITINGLIST_PERMS)
+    try_create_group_with_perms(apps, schema_editor, "Trainings", TRAINING_PERMS)
+    try_create_group_with_perms(apps, schema_editor, "Registrations", REGISTRATION_PERMS)
+    try_create_group_with_perms(apps, schema_editor, "Material", MATERIAL_PERMS)
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('auth', '0001_initial'),
+        ('contenttypes', '0001_initial'),
+        ('material', '0001_initial_squashed_0002_auto_20171011_2045'),
+        ('finance', '0003_alter_bill_options_and_more'),
+        ('mailer', '0003_alter_message_options'),
+        ('members', '0009_alter_freizeit_options_alter_ljpproposal_options_and_more'),
+    ]
+
+    operations = [
+        migrations.RunPython(create_default_permission_groups, migrations.RunPython.noop),
+    ]