Without seeing your nm-switch order and name-mapping rules, I can only venture so much. Here is a possible scenario:
Your ns-switch is ldap/nis then files. Your test user accessed a share via a LIF residing on Node01. SecD running on Node01 then performed the name mapping and populated the credential cache for the user. The same test user has never accessed a LIF on Node02, yet. So the default name mapping or default CIFS unix user option of pcuser is still in effect for the Node02 SecD cache. Remember: SECD runs on every node!
skynet::*> cifs options show -vserver hadrian_skyvs1 -fields default-unix-user
skynet::*> diag secd authentication show-creds -node skynet-01 -vserver hadrian_skyvs1 -win-name administrator
UNIX UID: pcuser <> Windows User: HADRIAN-SKYVS1\Administrator (Windows Local User)
If you point your test user to a LIF residing on Node02 or move all the Data LIFs to Node02 temporarily and test access by that user, Node02's show-creds command will look the same as Node01.
For more information about multiprotocol name mapping, see pg 114 of the NFS Best Practices Guide TR-4067
If this was useful, always remember the kudos button is just a click away!