Consider the following scenario:
- You have an Authorization Manager store in an Active Directory domain environment.
- You add a user to a role in Authorization Manager.
- You log on to and then you log off from the domain on a Windows Vista-based or Windows Server 2008-based client computer by using the user account to that you added the role.
- The administrator deletes the user from the role in the Authorization Manager.
In this scenario, the user still can access the role.