Set UID Conflict Resolution

Control how the Delinea Agent responds if a user logs on with an Active Directory account and either the Active Directory user name or Active Directory UID conflicts with a local user account.

The purpose of detecting a duplicate user name or duplicate UID is to prevent an Active Directory user from signing on and receiving privileges to modify files created by a different local user.

If you select Enabled for this group policy, you can choose one of the following options:

  • ignore — Do not report duplicate user names or UID conflicts. When a conflict is detected, log it at the info level if logging is enabled.

  • warn — Warn the user of the user name or UID conflict after a successful login. Log the conflict at the warning level if logging is enabled. This is the default value.

  • error — Report the UID conflict to the user after the user name is entered. Do not accept the password and do not allow the login. Log the conflict at the error level.

This group policy modifies the pam.uid.conflict setting in the agent configuration file.
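Before tightening this policy to error, it helps to know which accounts would collide. The following is an added example, not Delinea code: it assumes the AD users' UNIX profiles have been exported in passwd format, uses constructed sample data, and applies the collision rule as worded above (duplicate name or duplicate UID); the agent's exact matching logic may differ.

```python
# Constructed sample data in passwd(5) format; not taken from any real host.
LOCAL_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001:Alice (local):/home/alice:/bin/bash
svc_build:x:1500:1500::/home/svc_build:/bin/sh
"""
AD_PROFILES = """\
alice:x:20001:20001:Alice Smith:/home/alice:/bin/bash
bob:x:1500:20002:Bob Jones:/home/bob:/bin/bash
carol:x:20003:20003:Carol Wu:/home/carol:/bin/bash
"""

# Policy value -> (log level, login allowed), as the option list describes.
POLICY = {"ignore": ("info", True), "warn": ("warning", True), "error": ("error", False)}


def parse_passwd(text):
    """Yield (name, uid) from passwd-format text, skipping malformed lines."""
    for line in text.splitlines():
        fields = line.split(":")
        if line.startswith("#") or len(fields) < 7 or not fields[2].isdigit():
            continue
        yield fields[0], int(fields[2])


def find_conflicts(local_text, ad_text):
    """Return [(ad_name, ad_uid, kind, local_name)] for each collision."""
    by_name, by_uid = {}, {}
    for name, uid in parse_passwd(local_text):
        by_name.setdefault(name, uid)
        by_uid.setdefault(uid, name)
    found = []
    for name, uid in parse_passwd(ad_text):
        if name in by_name:  # duplicate user name
            found.append((name, uid, "name", name))
        if uid in by_uid:    # duplicate UID: AD user would own the local user's files
            found.append((name, uid, "uid", by_uid[uid]))
    return found


def logins_refused(policy, conflicts):
    """AD users whose login the given policy value would refuse."""
    _level, allowed = POLICY[policy]
    return [] if allowed else sorted({c[0] for c in conflicts})


if __name__ == "__main__":
    for ad_name, ad_uid, kind, local_name in find_conflicts(LOCAL_PASSWD, AD_PROFILES):
        print(f"{kind} conflict: AD {ad_name} (uid {ad_uid}) vs local {local_name}")
```

Resolving each reported collision (renaming or re-numbering the local account, or adjusting the AD profile) before switching to error avoids locking out the affected users.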