I can answer some of these questions, but not all:
The User Type issues are unresolved (for Sloan) and I won't explain them here. Besides, some of the issues are Sloan-specific, so our solution and needs may not be shared by other institutions. The most important category to Sloan is actually "roles," so that regardless of type, any user can have different roles within different groups.
The Full/Limited/Guest stuff serves Sloan's needs to grant group admins a wide degree of freedom in managing their users at the group level; and also a way for us to work towards obeying the spirit and letter of the U.S. Buckley Amendment. As for the toggling for one and not the other, that was an OpenForce design decision.
Full access users can join/drop any open classes and communities; these accounts are creating by self-registering or by the site wide admin. Limited access users cannot join/drop, but have full access to all groups to which they belong (for Sloan, this is used for cross-registered students); these accounts are created by the group admin. There are two types of guests, full access and limited. Full access are created by the site wide and can join/drop any open group, but cannot see private information. For example, this year's graduating class of alums chose to become Guests so that they woul dbe able to "browse" courses. Limited access guests are created by the group admin, cannot join/drop and cannot see private information. A Limited Access guest would be an outside speaker or industry partner who wanted to see class files, FAQs and news items, but they wouldn't see the member list, or forums, or surveys or receive bulk mails.
Hope this helps.
