Access control

Hi all,
Working with tamino2.3.1.4 and apache web server.
Let’s say i have up to 10 valid users from apache side and only want three of them to have access to tamino. I have created the acl’s, groups, … for these 3 granted users, this works fine. I’ve read that the rest of apache users belong to a default group with the database name as group name. Is it right?
I tried to create this group (without users in it) and asociate this to a very restrictive acl, so any ungranted apache user would not have access to the database critical collections. When trying to add nodes to this acl i get the following error:
"access control element does already exist in access control list "
Any idea?

If the acl is created before the mydb group it works fine. Now ungranted apache users have restricted access to the database but…
The administrator used to login in the tamino manager has lost access to all the security collection. It’s an .
It can be solved. The tamino manager used can be added to tamino security and linked to a group/acl with full access to ino:security. Then everithing works fine.
Any idea or feedback about all this would be apreciated.