Host Security Fails to Enumerate Memberships of Local Groups (172915)
The information in this article applies to:
- Microsoft SNA Server 3.0
- Microsoft SNA Server 3.0 SP1
This article was previously published under Q172915 SYMPTOMS
If a cached host user ID and password are configured for a user within a
host security domain, SNA Server fails to map the cached user ID and
password, causing the user's host logon to fail.
This problem occurs when the Windows NT user is a member of a global group
that has been granted membership in a local group associated with the host
security domain. If the user is explicitly added to the local group, the
account mapping is performed correctly.
CAUSE
The host security components determine if a user is a member of a local
group associated with a host security domain. If the local group contains
global groups, those global groups are not correctly enumerated by SNA
Server host security, causing no password cache lookup to occur.
STATUS
Microsoft has confirmed this to be a problem in SNA Server versions 3.0 and
3.0 Service Pack 1 (SP1). This problem was corrected in the latest SNA
Server version 3.0 U.S. Service Pack. For information on obtaining this
Service Pack, query on the following word in the Microsoft Knowledge Base
(without the spaces):
| Modification Type: | Major | Last Reviewed: | 6/24/2004 |
|---|
| Keywords: | kbbug kbfix kbnetwork KB172915 |
|---|
|