On the Domain Policy page you can define how SSH Tectia Server handles the user name when a client user tries to log in without specifying the prefix (indicating a local or domain user account). This setting defines where the server will look for the user account, and how it will fill in the missing prefix part.

Figure 4.7. SSH Tectia Server Configuration - Domain Policy page

SSH Tectia Server automatically lists of all domains where the local machine is part of, and places them into the Locations not checked field.

Move the relevant domains to the Locations checked field and arrange them to an order of preference. When a user logs in without a prefix, the user name is searched under the listed domains from top down. When a match is found, the rest of the domains are discarded. If no matching user accounts are found, authentication fails.

Option Default domain means that a user without a specified prefix will be treated as a domain user, and the default domain name of the local machine is added to the user name (username → defaultdomain_name\username).

Option Local machine means that a user without a specified prefix will be treated as a local user (username → localmachine_name\username).

You can move unwanted domains to the Locations not checked list. These domains are not checked when searching for the user account.

If nothing is defined in the Locations checked list, SSH Tectia Server first checks if the user name is valid in the default domain, and if no match is found, the user will be treated as a local user with the local machine name as the prefix.