Consider the following scenario:

  • You have an Authorization Manager store in an Active Directory domain environment.
  • You add a user to a role in Authorization Manager.
  • You log on to and then you log off from the domain on a Windows Vista-based or Windows Server 2008-based client computer by using the user account to that you added the role.
  • The administrator deletes the user from the role in the Authorization Manager.

In this scenario, the user still can access the role.

Leave a Reply