Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia

Domain Policy

On the Domain Policy page you can define how SSH Tectia Server handles the user name when a client user tries to log in without specifying the prefix (indicating a local or domain user account). This setting defines where the server will look for the user account, and how it will fill in the missing prefix part.

SSH Tectia Server Configuration - Domain Policy page

Figure 4.7. SSH Tectia Server Configuration - Domain Policy page

SSH Tectia Server automatically lists of all domains where the local machine is part of, and places them into the Locations not checked field.

Move the relevant domains to the Locations checked field and arrange them to an order of preference. When a user logs in without a prefix, the user name is searched under the listed domains from top down. When a match is found, the rest of the domains are discarded. If no matching user accounts are found, authentication fails.

Option Default domain means that a user without a specified prefix will be treated as a domain user, and the default domain name of the local machine is added to the user name (usernamedefaultdomain_name\username).

Option Local machine means that a user without a specified prefix will be treated as a local user (usernamelocalmachine_name\username).

You can move unwanted domains to the Locations not checked list. These domains are not checked when searching for the user account.

If nothing is defined in the Locations checked list, SSH Tectia Server first checks if the user name is valid in the default domain, and if no match is found, the user will be treated as a local user with the local machine name as the prefix.


Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more