The information in this article applies to:
SYMPTOMSIf LsarRemoveAccountRights is used to remove all privileges from an account, and no changes were made to the account's system access, the account will be deleted. This deletion will occur even if the account still has system access. The account should only be deleted if there are no privileges and the account has no system access. CAUSE
LsarRemoveAccountRights is not checking for system access unless system
access is changed. This will result in LsarRemoveAccountRights treating the
account as if it has no system access. Therefore, if all privileges are
removed, the account will be deleted.
STATUSMicrosoft has confirmed this to be a problem in Microsoft Windows NT version 4.0. This problem was corrected in the latest Microsoft Windows NT 4.0 U.S. Service Pack. For information on obtaining the service pack, query on the following word in the Microsoft Knowledge Base (without the spaces): S E R V P A C K Additional query words: prodnt
Keywords : kbenv kbnetwork ntsecurity kbbug4.00 kbfix4.00.sp2 NTSrvWkst |
|
Last Reviewed: January 30, 1999 © 2000 Microsoft Corporation. All rights reserved. Terms of Use. |