For a security domain, create a [mapping|audit|authorization|authentication] module. Try to remove it. If it was the only defined module of this type for the security domain, the deletion will not work. When there are N modules defined, it is possible to remove only up to N-1 of them.
and for mapping modules:
I suggest that the input text element for specifying mapping module type be changed to a combobox, because there is just an enumerated set of legal values, then it makes no sense that user has to type in one of them (... also it is currently possible to put in an invalid value and the creation of mapping module will succeed).