If your users are in a domain (EXAMPLE-DOMAIN), One Identity Safeguard for Privileged Sessions (SPS) is also in that domain (EXAMPLE-DOMAIN), but your users need to access servers that are in a different domain (OTHER-DOMAIN), you must establish a level of trust between the domains. This is summarized in the following table.
|Domain username of the client||Domain of the target server||Result|
|EXAMPLE-DOMAIN\myusername||EXAMPLE-DOMAIN||Connection is established|
|EXAMPLE-DOMAIN\myusername||OTHER-DOMAIN||If OTHER-DOMAIN trusts EXAMPLE-DOMAIN, the connection is established|
|OTHER-DOMAIN\myusername||OTHER-DOMAIN||If two-way trust is established between OTHER-DOMAIN and EXAMPLE-DOMAIN, the connection is established|
|OTHER-DOMAIN\myusername||EXAMPLE-DOMAIN||If two-way trust is established between OTHER-DOMAIN and EXAMPLE-DOMAIN, the connection is established|
If you use an LDAP database when using SPS accross multiple domains, LDAP will only use the username without the domain name to verify the group membership.