This configuration parameter specifies the message displayed if a user identifier (UID) conflict is detected during login; that is, if there is a local user with a different user name but the same UID as the Active Directory user logging on. For example:
user1 10001 #local user user2 10001 #AD user
When the message is displayed, the %d token is replaced with the UID of the conflicting local account. The message string you define must contain exactly one %d token, and no other string replacement (%) characters.
pam.account.conflict.uid.mesg: \ Account with conflicting UID (%d) exists locally
For more information about displaying a warning when local conflicts are detected, see pam.uid.conflict.