Set up an external security realm in Nexus (such as LDAP). Do not map any external users or groups into Nexus.
You will find that every user in the external security system can now log into the Nexus UI. Note that they do not gain access to anything. But still, this seems incorrect.
Note that Nexus 2.x has a privilege that controls whether or not login to the UI is possible. Nexus 3 should also have a privilege for this.