For domain authentication single sign-on (SSO), ensure that the following requirements are met:
The user belongs to a policy group with domain authentication enabled.
Make sure that the Host Name and Domain Name are configured properly.
PolicyServer and all Endpoint Encryption devices using domain authentication are in the same domain.
The user account is configured in both Active Directory and PolicyServer. The user name is case sensitive and must match exactly.
Additionally, domain authentication has the following limitations:
Domain authentication cannot be used with a Smart Card PIN.
Remote Help is available to domain users. However, the domain password must be reset in Active Directory if it is forgotten.