Microsoft KB Archive/172915

From BetaArchive Wiki
Knowledge Base


Host Security Fails to Enumerate Memberships of Local Groups

Article ID: 172915

Article Last Modified on 6/24/2004



APPLIES TO

  • Microsoft SNA Server 3.0 Service Pack 4
  • Microsoft SNA Server 4.0



This article was previously published under Q172915


SYMPTOMS

If a cached host user ID and password are configured for a user within a host security domain, SNA Server fails to map the cached user ID and password, causing the user's host logon to fail.

This problem occurs when the Windows NT user is a member of a global group that has been granted membership in a local group associated with the host security domain. If the user is explicitly added to the local group, the account mapping is performed correctly.

CAUSE

The host security components determine if a user is a member of a local group associated with a host security domain. If the local group contains global groups, those global groups are not correctly enumerated by SNA Server host security, causing no password cache lookup to occur.

STATUS

Microsoft has confirmed this to be a problem in SNA Server versions 3.0 and 3.0 Service Pack 1 (SP1). This problem was corrected in the latest SNA Server version 3.0 U.S. Service Pack. For information on obtaining this Service Pack, query on the following word in the Microsoft Knowledge Base (without the spaces):

S E R V P A C K


Keywords: kbbug kbfix kbnetwork KB172915