10.3.2. Using PSM across multiple domains

If your users are in a domain (EXAMPLE-DOMAIN), PSM is also in that domain (EXAMPLE-DOMAIN), but your users need to access servers that are in a different domain (OTHER-DOMAIN), you must establish a level of trust between the domains. This is summarized in the following table.

Domain username of the clientDomain of the target serverResult
EXAMPLE-DOMAIN\myusernameEXAMPLE-DOMAINConnection is established
EXAMPLE-DOMAIN\myusernameOTHER-DOMAINIf OTHER-DOMAIN trusts EXAMPLE-DOMAIN, the connection is established
OTHER-DOMAIN\myusernameOTHER-DOMAINIf two-way trust is established between OTHER-DOMAIN and EXAMPLE-DOMAIN, the connection is established
OTHER-DOMAIN\myusernameEXAMPLE-DOMAINIf two-way trust is established between OTHER-DOMAIN and EXAMPLE-DOMAIN, the connection is established
Note

The trusted domain is only supported as the authentication backend of RDP/RDG connections, but it is not supported by LDAP servers. PSM queries groups from a single AD server, without domain name, and therefore it does not know about the trusted domain in this case.