Different domain login to cyberark

Hello folks, I need your understanding and advise please. I have two separate domain A & B having their own respective CyberArk. And now domain A wants to access domain B’s CyberArk. but the problem is domain B users are authenticate with UPN and access resources whereas Domain A does not have UPN and they cannot have UPN. Domain A facing login issues to B’s CyberArk. How do I get this resolve to have domain A authenticate to B’s CyberArk and access its resources without impact? Kindly please help. Thank you

This forum is exclusively for Conjur and other open source projects. For PAM and other products, please reach out to technical support. You can also try the CyberArk subreddit for community support.

If I understand your issue correct, I think this should fix it for you:
https://cyberark.my.site.com/s/article/How-to-enable-UPN-login-for-LDAP-in-PVWA

Just adjust a different MicrosoftADProfile.ini which use UPN and use that for the domain with the users wanting to use UPN.

Thanks Morten for your response.

In my case, can I use ‘mail address’ to get authenticate with?
regards,
IM

In theory you can use any Microsoft AD User property basically, but should be tested of course :slight_smile: