Microsoft KB Archive/172915

= Host Security Fails to Enumerate Memberships of Local Groups =

Article ID: 172915

Article Last Modified on 6/24/2004

-

APPLIES TO


 * Microsoft SNA Server 3.0 Service Pack 4
 * Microsoft SNA Server 4.0

-



This article was previously published under Q172915





SYMPTOMS
If a cached host user ID and password are configured for a user within a host security domain, SNA Server fails to map the cached user ID and password, causing the user's host logon to fail.

This problem occurs when the Windows NT user is a member of a global group that has been granted membership in a local group associated with the host security domain. If the user is explicitly added to the local group, the account mapping is performed correctly.



CAUSE
The host security components determine if a user is a member of a local group associated with a host security domain. If the local group contains global groups, those global groups are not correctly enumerated by SNA Server host security, causing no password cache lookup to occur.



STATUS
Microsoft has confirmed this to be a problem in SNA Server versions 3.0 and 3.0 Service Pack 1 (SP1). This problem was corrected in the latest SNA Server version 3.0 U.S. Service Pack. For information on obtaining this Service Pack, query on the following word in the Microsoft Knowledge Base (without the spaces):

S E R V P A C K

Keywords: kbbug kbfix kbnetwork KB172915

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.