Adding Multiple Profiles for a User to a Zone

It is possible for a single Active Directory user to have more than one UNIX profile defined in a zone. If you attempt to add a new UNIX profile for an Active Directory account that already has a UNIX profile in the current zone, Access Manager displays a warning but allows you to continue.

If an Active Directory user has more than one UNIX profile in a zone, however, the user should log on to computers in the zone with the UNIX profile name he wants to use. Logging on with the Active Directory user login name—the user’s sAMAccountName attribute—might prevent the user from accessing some files because the account has multiple UNIX profiles and UIDs associated with it. ln most cases, users can log on with their Active Directory account name if you have created parent and child hierarchical zones that address conflicting profile attributes. However, if you are using classic zones or hierarchical zones that don’t address the need for multiple UNIX profiles, users might encounter file ownership issues.