Having a 'problem' with an sa4500. It very likely could be operator error, but we'll see.
I have two domains. One domain is configured as an auth server and I have selected the options to allow logging in with a domain added to your username, and also to allow trusted domain accounts.
In this One domain, I have created a Local group and added an account from a different trusted domain. I then used this group as the key for a role on the sa4500.
Unfortunately when I try to login with this account (specifying the different domain of course) it does not seem to work. In the log it looks like the attempt succeeds authentication, but there is a NoRole error, even though I have definitely created this role map for the new group.
Perhaps I am going about this incorrectly or someone might have some insight
you may not be getting a role for other restrictions. have you done a policy trace to see if you are failing bec of user name or bec you are not able to pass some host checker policy or host or cache cleaner is not loading etc?