Hello,
I'm cleaning up security roles for my organization and I am trying to remove an ability to edit system users. In some cases, existing users are still able to modify this entity even after removing them from roles that previously allowed it.
To test that the role they are a part of, I created a new test user and assigned them to the same role as my problem user. In that case, it worked properly. I have also made sure that they were part of the same team to make sure it wasn't an inheritance thing.
This is using a 2013 on-premise deployment.
I've done quite a bit of searching and haven't found anything useful. Any ideas would be more than welcome!