Home > Storage > PowerScale (Isilon) > Product Documentation > Management and Migration > PowerScale OneFS Authentication, Identity Management, and Authorization > Importance of user mappings
If user mappings are not available or are not configured correctly, asymmetrical tokens are created. An asymmetrical token is where a user has access to a file from a certain protocol but is denied access from the other protocol. The inconsistent access is because the user’s access token is different when accessing the file from each protocol, as shown in the following example:
Figure 14. Asymmetrical tokens
Asymmetrical tokens lead to asymmetrical access. In the preceding example, for illustration purposes, the file permission is the “blue permission identity” and requires the blue ID portion of the access token. The blue portion is notating the UID with GIDs. When the same user tries to access the file from NFS and SMB, the following events occur:
On the contrary, configured user mapping leads to symmetrical tokens, irrespective of the access protocol. A symmetrical token grants equal access to the same user, which is the basis of the Unified Permission Model. OneFS user mapping provides a consistent multi-protocol experience when accessing the same file from NFS or SMB, as illustrated in the following figure:
Figure 15. Symmetrical tokens
Symmetrical tokens lead to symmetrical access. In the preceding example, the file permission is again the “blue permission” and requires the “blue ID” portion of the access token. The blue is notating the UID with GIDs. When the same user tries to access the file from NFS and SMB, the following events occur: