Hello,
Thank you so much for posting here.
According to your description and my understanding, I have tested as shown below.
Configure the Delegation control for the special user account to have the enable and disable user accounts permission.
When I tried to remove the permission "Write userAccountControl", there is no warning.
If we would like to delete the delegated enable and disable user accounts permission, we could remove the special user account as shown below.
To deny this permission, we could try the below to check whether it works.
For any question, please feel free to contact us.
Best regards,
Hannah Xiong
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.