Registrations are now open. Join us today!
There is still a lot of work to do on the wiki yet! More information about editing can be found here.
Already have an account?

Microsoft KB Archive/172915

From BetaArchive Wiki
Knowledge Base

Host Security Fails to Enumerate Memberships of Local Groups

Article ID: 172915

Article Last Modified on 6/24/2004


  • Microsoft SNA Server 3.0 Service Pack 4
  • Microsoft SNA Server 4.0

This article was previously published under Q172915


If a cached host user ID and password are configured for a user within a host security domain, SNA Server fails to map the cached user ID and password, causing the user's host logon to fail.

This problem occurs when the Windows NT user is a member of a global group that has been granted membership in a local group associated with the host security domain. If the user is explicitly added to the local group, the account mapping is performed correctly.


The host security components determine if a user is a member of a local group associated with a host security domain. If the local group contains global groups, those global groups are not correctly enumerated by SNA Server host security, causing no password cache lookup to occur.


Microsoft has confirmed this to be a problem in SNA Server versions 3.0 and 3.0 Service Pack 1 (SP1). This problem was corrected in the latest SNA Server version 3.0 U.S. Service Pack. For information on obtaining this Service Pack, query on the following word in the Microsoft Knowledge Base (without the spaces):


Keywords: kbbug kbfix kbnetwork KB172915