When the same user is defined locally and in ldap, which of the two users does UNAB prefer, basically?
Release : 14.1
Component : PAM SERVER CONTROL ENDPOINT WINDOWS
In general you should avoid having different UIDs with the same account name - in particular to not run into this uncertainty.
This article explains the behaviour in Linux - other Unix flavours may behave differently:
Whether the local UID or the AD UID is picked first for authentication is determined by the account enumeration order of the system name service switch.
You can verify enumeration by running
# getent passwd
and see the accounts of the configured name services in the listed order.
The name service order is determined what is set in /etc/nsswitch.conf, e.g. by default it is
passwd: files uxauth
In this case the local files are the most relevant name service.
Hence, for the same user with different UIDs in the local /etc/passwd and in the AD it is the local user which will return upon authentication.
Anyway, this is not related to UNAB, it is the operating system's behaviour.