External authentication via Active Directory is turned on for our databases. If I want to manage security, I can authenticate as an external account with full access privileges. However, as soon as I click on the "Edit" button to edit a privilege set, I can no longer save my changes or exit from the "Manage security" dialog by authenticating via an external account. This means I must have at least one internally-authenticated account with full access privileges, or I'll be unable to edit privilege sets. Is this expected behavior?