There are three built in groups in the Smoothwall authentication system:
- Default users
- Banned users
- Unauthenticated IPs
These groups cannot be deleted or renamed. Each is used for a specific purpose by the authentication system.
Default users
This group is for when a user has been authenticated but Smoothwall is not seeing a group membership for the user. After connecting to a directory, user groups from that directory are mapped to local Smoothwall groups - this is where the authentication system gets the users group membership from. If a user is not a member of any mapped group, but does exist in the directory, their group membership will be set to the Default users group.
Users that have their group membership set to the Default users group will have a hyphen(-) listed as their group membership in the "Services - authentication - User activity" list. This can be used to see what users have not been mapped to a local Smoothwall group yet.
Banned users
This group is used in conjunction with the user ban features on the admin UI and the user portal. When a user is banned, the authentication service overrides the users group membership, if any, and places the user in the Banned users group.
For this feature to work correctly, a policy to block content for the Banned users group also need to be configured.
Unauthenticated IPs
This group is assigned to any requests going to destinations excluded from authentication or going through a proxy that doesn't require authentication. This is the default setting for unauthenticated requests. This group membership can be overridden in the proxy configuration itself by selecting a different group to use for unauthenticated access permissions.