Resolve an AD Alias Conflict with a Local Account

When you use AD Bridge to set an Active Directory alias for a user, the user can have a file-ownership conflict under the following conditions if the user logs on with the AD account:

  • The AD alias is the same alias as the original local account name.
  • The home directory assigned to the user in Active Directory is the same as the local user's home directory.
  • The owner UID-GID of the AD account is different from that of the local account.

To avoid such conflicts, by default AD Bridge includes the short AD domain name in each user's home directory. If the conflict nevertheless occurs, there are two options to resolve it:

  • Make sure that the UID assigned to the user's AD alias is the same as that of the user's local account.
  • Log on as root and use the chown command to recursively change the ownership of the local account's resources to the AD user alias.

Change Ownership

Log on the computer as root and execute the following commands:

cd <users home directory root>
chown –R <AD user UID>:<AD primary group ID> *.*

Alternatively, the following command may be used:

chown –R <short domain name>\\<account name>:<short domain name>\\<AD group name> *.*

You can generate reports to help identify duplicates and inconsistencies.