The purpose of detecting a duplicate user name or duplicate UID is to prevent an Active Directory user from signing on and receiving privileges to modify files created by a different local user.
If you select Enabled for this group policy, you can choose one of the following options:
ignore— Do not report duplicate user names or UID conflicts. If detected, log the conflict at the info level if logging is enabled.
warn— Warn the user of the user name or UID conflict after a successful login. Log the conflict at warning level if logging is enabled. This is the default value.
error— Report UID conflict to user after user name is entered. Don't accept password. Don't allow log in. Log conflict at error level.
This group policy modifies the
pam.uid.conflict setting in the agent configuration file.