You have found a new security group created on your SMP and Site Servers.  You would like to know what it is.

8.7.3+

Information about this new security group is included in the following document:  Using ITMS with Token-Based Authentication. In short, the following applies to this new security group:

_SMP_USERS was added In ITMS 8.7.3 to simplify security management, regardless of whether token-based authentication or the ACC account are used. The _SMP_USERS group is created and managed by the SMA on site servers and the Notification Server. The _SMP_USERS group always exists, but the accounts included in the group will change when the Client Authentication method is changed:

• Enabling token-based authentication automatically adds the _SMP_IUSR account to the _SMP_USERS group
• Enabling the use of the ACC account automatically adds the ACC account to the _SMP_USERS group
• Disabling either authentication type removes the corresponding account from the _SMP_USERS group

Security descriptors use the _SMP_USERS group to enable the ACC account or clients using token-based authentication to access various file system objects or web sites. There is no need to rebuild security descriptors in cases when disabling or enabling the use of the ACC account or token-based authentication, because the _SMP_USERS group is always there and updated as needed. The SMA periodically validates the _SMP_USERS group and recreates it if needed.