Resolution | Follow the instructions below.
- The Archer server needs to have a two-way trust relationship with all domains involved.
- Do not set a default domain in Archer. This is set under Administration -> Access Control -> LDAP Configurations -> Make sure that nothing is set in the default column.
- The domain name in Archer needs to be set to the USERDOMAIN for the user. To set this navigate to Administration -> Access Control -> LDAP Configurations -> select the LDAP configuration/domain -> Configuration tab.

The USERDOMAIN value can be found from a user’s machine who is on the domain where authentication to RSA Archer needed following the steps below.
- Open the command prompt.
- Type set and hit enter.
- In the results look for the following: USERDOMAIN=
 |