If these users are "getting in" (I assume you mean they have become authorized users) without your approval while you have admin approval required, you may have:
1) Someone else having access to your admin credentials (check your logs for activity in the admin area that is not consistent with when you were actually doing admin work on the site)
2) You may have been exploited where another user has gained admin privileges.
3) You may have been exploited by users being able to avoid the admin approval.
Is your phpbb the latest version? What do your logs show in the way of abnormal activity?
I wish I could help more, but those are the places I would start investigating.