CRM 2011 on premise
I have some users that have had a security role removed, but the Site Map and Entity Forms display as if the role was still assigned.
I have tested this every way possible and do not see a way to “positively” reset the users Security Roles.
This is causing issues because Users see areas of the Site Map that they should not, and when they open an entity, they see forms they should not. They can perform actions that their roles do not allow.
I have tried disabling and re-enabling the accounts and also swapping the account with a different AD user and the problem still exists.
I tried IIS Reset.
I remove ALL the user's roles, and they can still log into CRM and perform actions as if they had a role.