If your users are in a domain (EXAMPLE-DOMAIN), One Identity Safeguard for Privileged Sessions (SPS) is also in that domain (EXAMPLE-DOMAIN), but your users need to access servers that are in a different domain (OTHER-DOMAIN), you must establish a level of trust between the domains. This is summarized in the following table.
Domain username of the client | Domain of the target server | Result |
---|---|---|
EXAMPLE-DOMAIN\myusername | EXAMPLE-DOMAIN | Connection is established |
EXAMPLE-DOMAIN\myusername | OTHER-DOMAIN | If OTHER-DOMAIN trusts EXAMPLE-DOMAIN, the connection is established |
OTHER-DOMAIN\myusername | OTHER-DOMAIN | If two-way trust is established between OTHER-DOMAIN and EXAMPLE-DOMAIN, the connection is established |
OTHER-DOMAIN\myusername | EXAMPLE-DOMAIN | If two-way trust is established between OTHER-DOMAIN and EXAMPLE-DOMAIN, the connection is established |
|
NOTE:
If you use an LDAP database when using SPS accross multiple domains, LDAP will only use the username without the domain name to verify the group membership. |