Question: What attributes are used to look up users for Privileged Access Service portal logins?
Answer: The following attributes are checked for an AD user when looking up by name:
SAM Account Name
Domain name is required to lookup a sAMAcountName. If not specified (by prefixing the name with domain), the connector will use its setting 'domainName', which is set during the connector registration. This can be problematic for customers that have multiple domains. Users will need to use UPN or domain\name.