As part of the access control development we are adding the capability for users and groups to be associated with roles - for this to be most effective the admin tools need to be able to see the existing groups and users eligible for assignment.

During authentication any queries executed are very targeted towards the currently authenticated user i.e. just searching for that users groups - now we need something to identify all users and groups.